Submitted URL: https://go.recordedfuture.com/e2t/tc/VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnpV1-WJV7CgKkPW1yRcpj1gW0cGN84p6SvRKrXtW2...
Effective URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqt...
Submission: On June 24 via api from SG

Summary

This website contacted 28 IPs in 4 countries across 21 domains to perform 106 HTTP transactions. The main IP is 2a00:1450:4001:82f::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.fromdev.com.
TLS certificate: Issued by GTS CA 1D4 on May 7th 2021. Valid for: 3 months.
This is the only time www.fromdev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.199.111.153 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 23.111.10.144 33438 (HIGHWINDS2)
1 65.9.73.38 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 23.111.9.22 33438 (HIGHWINDS2)
2 2a03:2880:f01... 32934 (FACEBOOK)
18 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.128.41.241 14061 (DIGITALOC...)
4 94.31.29.32 6461 (ZAYO-6461)
5 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.162 15169 (GOOGLE)
2 65.9.86.127 16509 (AMAZON-02)
17 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
1 2 2a03:2880:f11... 32934 (FACEBOOK)
106 28
Domain Requested by
17 pagead2.googlesyndication.com cdn4.buysellads.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
16 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 www.google.com 2 redirects tpc.googlesyndication.com
5 www.googletagservices.com go.recordedfuture.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 s3.buysellads.com www.fromdev.com
s3.buysellads.com
4 cdn4.buysellads.net s3.buysellads.com
4 www.blogger.com www.fromdev.com
4 www.fromdev.com go.recordedfuture.com
www.fromdev.com
ajax.googleapis.com
3 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 1.bp.blogspot.com www.fromdev.com
2 www.facebook.com 1 redirects connect.facebook.net
2 c.amazon-adsystem.com cdn4.buysellads.net
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 4.bp.blogspot.com www.fromdev.com
2 2.bp.blogspot.com www.fromdev.com
2 connect.facebook.net www.fromdev.com
connect.facebook.net
2 www.google-analytics.com www.fromdev.com
www.google-analytics.com
2 lh4.googleusercontent.com www.fromdev.com
2 lh6.googleusercontent.com www.fromdev.com
2 lh5.googleusercontent.com www.fromdev.com
2 go.recordedfuture.com 1 redirects
1 351083b7c90978f7b913de88cafaedbb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 srv.buysellads.com s3.buysellads.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.gstatic.com www.fromdev.com
1 z-na.amazon-adsystem.com www.fromdev.com
1 cdn.fancybar.net www.fromdev.com
1 lh3.googleusercontent.com www.fromdev.com
1 resources.blogblog.com www.fromdev.com
1 fromdev.github.io www.fromdev.com
1 ajax.googleapis.com www.fromdev.com
106 33
Subject Issuer Validity Valid
go.recordedfuture.com
Cloudflare Inc ECC CA-3
2020-08-16 -
2021-08-16
a year crt.sh
www.fromdev.com
GTS CA 1D4
2021-05-07 -
2021-08-05
3 months crt.sh
*.blogger.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-24 -
2021-08-16
3 months crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA
2020-05-06 -
2022-04-14
2 years crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.fancybar.net
COMODO RSA Domain Validation Secure Server CA
2018-09-10 -
2020-09-09
2 years crt.sh
z-na.amazon-adsystem.com
Amazon
2020-12-12 -
2022-01-10
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA
2020-05-18 -
2022-05-18
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-05-26 -
2021-08-24
3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-05-24 -
2021-08-16
3 months crt.sh
*.buysellads.net
Sectigo RSA Domain Validation Secure Server CA
2019-08-23 -
2021-08-22
2 years crt.sh
c.amazon-adsystem.com
Amazon
2020-08-04 -
2021-08-02
a year crt.sh
*.google.de
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.google.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh

This page contains 20 frames:

Primary Page: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Frame ID: DD908689DC9CF236246239B81D879A9A
Requests: 48 HTTP requests in this frame

Frame: https://cdn4.buysellads.net/backfill/147/26526.html?t=1609788741
Frame ID: 71C5C27FF96BAED20793FE43AC4E65E7
Requests: 2 HTTP requests in this frame

Frame: https://cdn4.buysellads.net/backfill/147/11553.html?t=1609788741
Frame ID: 3CD052BB35065E8D3F8DBD22A6F496C2
Requests: 9 HTTP requests in this frame

Frame: https://cdn4.buysellads.net/backfill/147/2718.html?t=1609788740
Frame ID: F70DE355740C449E02A0ACAEEB76A79F
Requests: 9 HTTP requests in this frame

Frame: https://cdn4.buysellads.net/backfill/147/26995.html?t=1609788741
Frame ID: C7F80668D82301672A822A5CA4108646
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210621/r20190131/zrt_lookup.html
Frame ID: F303FB7451D444F839435359FBB2D99E
Requests: 1 HTTP requests in this frame

Frame: https://351083b7c90978f7b913de88cafaedbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 43F74676EC7B53E24E4957D9E31360A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
Frame ID: 0011B7AA766712B02973EFC853189429
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
Frame ID: DC83FECB988F7E53A879E13CB7E2697E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C3D0F060AF2ADC15F4E0C545BF1495D0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Frame ID: D34CAA43D29298E153BA52AF9B86925D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BC8BB0482362FEF4565239B12833A2C0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8CEAFD552E6E34D06F9A52577982EC7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0B65DB508B9F7B9B74A1E14E9D667B03
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df163c98bd4fd49c%2526domain%253Dwww.fromdev.com%2526origin%253Dhttps%25253A%25252F%25252Fwww.fromdev.com%25252Ffb79c9b737fd1%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D300%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffromdevcom%26locale%3Den_US%26sdk%3Djoey%26show_border%3Dfalse%26show_faces%3Dtrue%26stream%3Dfalse
Frame ID: 11562C54A0A79F05C7E5347DB315A62D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Frame ID: 0A31B10CD6B9E4DB4E2C5BDFC81DCC81
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2E13340421B9D4E63C36BAE72A4FA4A3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55AD88E45F1FEE5929F2B9CBD583B7CE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 09D798D97F735E1A3E02EA29BE15D807
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E059D1F8117C0FE3B8E27CAC08CE9E39
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://go.recordedfuture.com/e2t/tc/VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnpV1-WJV7CgKkPW1yRcpj... Page URL
  2. https://go.recordedfuture.com/events/public/v1/track/tc/VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnp... HTTP 307
    https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

106
Requests

99 %
HTTPS

70 %
IPv6

21
Domains

33
Subdomains

28
IPs

4
Countries

2499 kB
Transfer

4472 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.recordedfuture.com/e2t/tc/VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnpV1-WJV7CgKkPW1yRcpj1gW0cGN84p6SvRKrXtW2wD8kT13Qb2HW3mFw4J8B9RPCW4_Ddr07tH4t_Vb3gTj5xnp5jN6kmDkRspW9jW4jFP9h3GcRgcN3qK0Q3BX-2FW2fPwwZ4PZFh6W1dzNGG1Z9wTYN1H76xn1WDx8W1JFrcn2wJ7trW8h-6_x5WNg_JW9d3xFJ2890BMW79WPNR3Lrf6PW92nPqZ3MBJP8W974tTM2Pb5ZtW2_l9lp8SqzcDW7KH3qG8CfK6JW3cFvFQ3_0FrbW2dfNdK2R2N_kW2xNMFr3WLL3lW5dgl3v2mKKfQW5xdLKV6HWWxXW3sJlj789Jc4M332t1 Page URL
  2. https://go.recordedfuture.com/events/public/v1/track/tc/VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnpV1-WJV7CgKkPW1yRcpj1gW0cGN84p6SvRKrXtW2wD8kT13Qb2HW3mFw4J8B9RPCW4_Ddr07tH4t_Vb3gTj5xnp5jN6kmDkRspW9jW4jFP9h3GcRgcN3qK0Q3BX-2FW2fPwwZ4PZFh6W1dzNGG1Z9wTYN1H76xn1WDx8W1JFrcn2wJ7trW8h-6_x5WNg_JW9d3xFJ2890BMW79WPNR3Lrf6PW92nPqZ3MBJP8W974tTM2Pb5ZtW2_l9lp8SqzcDW7KH3qG8CfK6JW3cFvFQ3_0FrbW2dfNdK2R2N_kW2xNMFr3WLL3lW5dgl3v2mKKfQW5xdLKV6HWWxXW3sJlj789Jc4M332t1?_ud=6a2e16fa-baff-4202-99b8-f72351301577&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 90
  • https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df163c98bd4fd49c%26domain%3Dwww.fromdev.com%26origin%3Dhttps%253A%252F%252Fwww.fromdev.com%252Ffb79c9b737fd1%26relation%3Dparent.parent&color_scheme=light&container_width=300&header=false&href=https%3A%2F%2Fwww.facebook.com%2Ffromdevcom&locale=en_US&sdk=joey&show_border=false&show_faces=true&stream=false HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df163c98bd4fd49c%2526domain%253Dwww.fromdev.com%2526origin%253Dhttps%25253A%25252F%25252Fwww.fromdev.com%25252Ffb79c9b737fd1%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D300%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffromdevcom%26locale%3Den_US%26sdk%3Djoey%26show_border%3Dfalse%26show_faces%3Dtrue%26stream%3Dfalse
Request Chain 92
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

106 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnpV1-WJV7CgKkPW1yRcpj1gW0cGN84p6SvRKrXtW2wD8kT13Qb2HW3mFw4J8B9RPCW4_Ddr07tH4t_Vb3gTj5xnp5jN6kmDkRspW9jW4jFP9h3GcRgcN3qK0Q3BX-2FW2fPwwZ4PZFh6W1dzNGG1Z...
go.recordedfuture.com/e2t/tc/
9 KB
3 KB
Document
General
Full URL
https://go.recordedfuture.com/e2t/tc/VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnpV1-WJV7CgKkPW1yRcpj1gW0cGN84p6SvRKrXtW2wD8kT13Qb2HW3mFw4J8B9RPCW4_Ddr07tH4t_Vb3gTj5xnp5jN6kmDkRspW9jW4jFP9h3GcRgcN3qK0Q3BX-2FW2fPwwZ4PZFh6W1dzNGG1Z9wTYN1H76xn1WDx8W1JFrcn2wJ7trW8h-6_x5WNg_JW9d3xFJ2890BMW79WPNR3Lrf6PW92nPqZ3MBJP8W974tTM2Pb5ZtW2_l9lp8SqzcDW7KH3qG8CfK6JW3cFvFQ3_0FrbW2dfNdK2R2N_kW2xNMFr3WLL3lW5dgl3v2mKKfQW5xdLKV6HWWxXW3sJlj789Jc4M332t1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b08d96b7652d8664b3ca02ad4cb08dd63f5fdf01a4027e9ff54d6fbe8825a0c

Request headers

:method
GET
:authority
go.recordedfuture.com
:scheme
https
:path
/e2t/tc/VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnpV1-WJV7CgKkPW1yRcpj1gW0cGN84p6SvRKrXtW2wD8kT13Qb2HW3mFw4J8B9RPCW4_Ddr07tH4t_Vb3gTj5xnp5jN6kmDkRspW9jW4jFP9h3GcRgcN3qK0Q3BX-2FW2fPwwZ4PZFh6W1dzNGG1Z9wTYN1H76xn1WDx8W1JFrcn2wJ7trW8h-6_x5WNg_JW9d3xFJ2890BMW79WPNR3Lrf6PW92nPqZ3MBJP8W974tTM2Pb5ZtW2_l9lp8SqzcDW7KH3qG8CfK6JW3cFvFQ3_0FrbW2dfNdK2R2N_kW2xNMFr3WLL3lW5dgl3v2mKKfQW5xdLKV6HWWxXW3sJlj789Jc4M332t1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:26 GMT
content-type
text/html;charset=utf-8
cf-ray
6641d8f49ba74a6e-FRA
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0add05ece300004a6e908d6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
46e18b6a-f65b-41e5-b3bd-e0e976ab8a11
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=06BmnMZ7ZVI15kcNQ6tizrd%2BrGIfa0n%2BneNTgad%2Fcfsp8uTUqfi8loSMxgBLp6b54s6zYX0slnDIZ%2FaUHfMEJK8czkrim9nKJAj%2Fm6hD9uUlVmaLB%2Bxfl4sEk%2BiGalqKUSV5Zb8uro9oh9dpItY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
set-cookie
__cfruid=3e1e41dfc1a5d623b5e67631fca6d22a382b8bbb-1624494626; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server
cloudflare
content-encoding
br
Primary Request looking-for-secure-wordpress-hosting.html
www.fromdev.com/2021/06/
Redirect Chain
  • https://go.recordedfuture.com/events/public/v1/track/tc/VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnpV1-WJV7CgKkPW1yRcpj1gW0cGN84p6SvRKrXtW2wD8kT13Qb2HW3mFw4J8B9RPCW4_Ddr07tH4t_Vb3gTj5xnp5jN6k...
  • https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdO...
203 KB
42 KB
Document
General
Full URL
https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Requested by
Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnpV1-WJV7CgKkPW1yRcpj1gW0cGN84p6SvRKrXtW2wD8kT13Qb2HW3mFw4J8B9RPCW4_Ddr07tH4t_Vb3gTj5xnp5jN6kmDkRspW9jW4jFP9h3GcRgcN3qK0Q3BX-2FW2fPwwZ4PZFh6W1dzNGG1Z9wTYN1H76xn1WDx8W1JFrcn2wJ7trW8h-6_x5WNg_JW9d3xFJ2890BMW79WPNR3Lrf6PW92nPqZ3MBJP8W974tTM2Pb5ZtW2_l9lp8SqzcDW7KH3qG8CfK6JW3cFvFQ3_0FrbW2dfNdK2R2N_kW2xNMFr3WLL3lW5dgl3v2mKKfQW5xdLKV6HWWxXW3sJlj789Jc4M332t1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8567bdc2599001757e7976f8bff2094fdf043037a2373811011f8b3a27d5a088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.fromdev.com
:scheme
https
:path
/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://go.recordedfuture.com/e2t/tc/VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnpV1-WJV7CgKkPW1yRcpj1gW0cGN84p6SvRKrXtW2wD8kT13Qb2HW3mFw4J8B9RPCW4_Ddr07tH4t_Vb3gTj5xnp5jN6kmDkRspW9jW4jFP9h3GcRgcN3qK0Q3BX-2FW2fPwwZ4PZFh6W1dzNGG1Z9wTYN1H76xn1WDx8W1JFrcn2wJ7trW8h-6_x5WNg_JW9d3xFJ2890BMW79WPNR3Lrf6PW92nPqZ3MBJP8W974tTM2Pb5ZtW2_l9lp8SqzcDW7KH3qG8CfK6JW3cFvFQ3_0FrbW2dfNdK2R2N_kW2xNMFr3WLL3lW5dgl3v2mKKfQW5xdLKV6HWWxXW3sJlj789Jc4M332t1

Response headers

content-type
text/html; charset=UTF-8
expires
Thu, 24 Jun 2021 00:30:26 GMT
date
Thu, 24 Jun 2021 00:30:26 GMT
cache-control
private, max-age=0
last-modified
Wed, 23 Jun 2021 18:57:37 GMT
etag
W/"c6c2d67ccd9fd5076349bf2c266373563b88553ab39e1d29d585e41b2d6ee129"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
42511
server
GSE

Redirect headers

date
Thu, 24 Jun 2021 00:30:26 GMT
location
https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
cf-ray
6641d8f51c3a4a6e-FRA
link
<https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0add05ed2c00004a6eb9807000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-hubspot-correlation-id
f395e607-0168-4586-9148-6f18dde10ac4
x-robots-tag
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HpXu8%2F%2BvFRZAX7CXJQfjL02knttO5cx68W2JN0aPSV8IDfMjpPtMQ9FrWzs%2FvAHp4IK6TuXOBecvK80hxBDJL5sS9ijmdV3oJ7bLAujPv6ic%2FxFSosyA3%2FVgj%2FfUBqDmfVzjoa%2BFVU2HNsPxDks%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
3822632116-css_bundle_v2.css
www.blogger.com/static/v1/widgets/
36 KB
8 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/3822632116-css_bundle_v2.css
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 08:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 Jun 2021 10:52:31 GMT
server
sffe
age
404282
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7982
x-xss-protection
0
expires
Sun, 19 Jun 2022 08:12:24 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/
91 KB
92 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:11:28 GMT
x-content-type-options
nosniff
age
1138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93636
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jun 2022 00:11:28 GMT
pandalocker.2.1.0.min.js
fromdev.github.io/fromdev-static/javascripts/
114 KB
29 KB
Script
General
Full URL
https://fromdev.github.io/fromdev-static/javascripts/pandalocker.2.1.0.min.js
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
a0cc7ea6cbd952d06e91c390bf096a0ae68266a397b109bf0aa1b47752f12a2d

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
1044adf1732fad35366917b7bbdf480cac9c871d
date
Thu, 24 Jun 2021 00:30:26 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
28974
x-served-by
cache-bma1651-BMA
access-control-allow-origin
*
last-modified
Thu, 15 Mar 2018 19:26:15 GMT
server
GitHub.com
x-github-request-id
8C60:92E6:115F890:11DD8FB:60D397B3
x-timer
S1624494627.787685,VS0,VE130
etag
W/"5aaac8d7-1c6d2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 23 Jun 2021 20:31:07 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
icon18_wrench_allbkg.png
resources.blogblog.com/img/
475 B
612 B
Image
General
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 14:18:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Jun 2021 15:55:23 GMT
server
sffe
age
123096
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
0
expires
Tue, 29 Jun 2021 14:18:50 GMT
2OrwiTJbQJrahoIwUf0i3ZTnYHp0rV7kdHpTPUHZSdMnAJwIpbaGew1fiT1R9_daoKs8ArkI0oteQSMBESO8nOgcpuMnjpwzoUFZZJcojpHWuosbWayEoTT_-S28jCLivltP_0zx=w640-h360
lh5.googleusercontent.com/
23 KB
24 KB
Image
General
Full URL
https://lh5.googleusercontent.com/2OrwiTJbQJrahoIwUf0i3ZTnYHp0rV7kdHpTPUHZSdMnAJwIpbaGew1fiT1R9_daoKs8ArkI0oteQSMBESO8nOgcpuMnjpwzoUFZZJcojpHWuosbWayEoTT_-S28jCLivltP_0zx=w640-h360
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9cae3559aa4f592c7310bb48a463164878646a2c1c045a66506143bc1dfbbff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:06:59 GMT
x-content-type-options
nosniff
age
1407
content-disposition
inline;filename="launchpresso-IOM28XWsk-g-unsplash.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23717
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 24 Jun 2021 19:34:47 GMT
3dkSfB7g01oATnK32PblB548Mqx-lAK5TK1NvzgkgPhwl01vx9gMl3WbuAAZ51WRUQ2Y5zVr_9XPIuf5R1yvi4UT2Ju4Ltgygr2hvG7I9t2nUwj19f0LAlQhThJwgaJA5zlm6cQY=w640-h311
lh6.googleusercontent.com/
103 KB
103 KB
Image
General
Full URL
https://lh6.googleusercontent.com/3dkSfB7g01oATnK32PblB548Mqx-lAK5TK1NvzgkgPhwl01vx9gMl3WbuAAZ51WRUQ2Y5zVr_9XPIuf5R1yvi4UT2Ju4Ltgygr2hvG7I9t2nUwj19f0LAlQhThJwgaJA5zlm6cQY=w640-h311
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f00140e3c1a56b3146e22b26c5075b9253af6788208f68b1f128f14139d7e2c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasted image 0.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105472
x-xss-protection
0
expires
Fri, 25 Jun 2021 00:30:27 GMT
bNq3EwzufBhoKMbCxP-MLWl-kaOdONCt1yT9hN8-OjTIMmD423BxVz9tJ56769h--DJWlQRNXsL8cXvQar6-4t-t_uGbxRvr_9MwdmKVKDIA1TfrjXHxOhRzXvmxXT7x3V6eZ_ZL=w640-h315
lh3.googleusercontent.com/
170 KB
170 KB
Image
General
Full URL
https://lh3.googleusercontent.com/bNq3EwzufBhoKMbCxP-MLWl-kaOdONCt1yT9hN8-OjTIMmD423BxVz9tJ56769h--DJWlQRNXsL8cXvQar6-4t-t_uGbxRvr_9MwdmKVKDIA1TfrjXHxOhRzXvmxXT7x3V6eZ_ZL=w640-h315
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
64c007b46f25da47c659a0045ce49d7b9e0c2aac355bfa4c32845a52064af979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasted image 0.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
173577
x-xss-protection
0
expires
Fri, 25 Jun 2021 00:30:26 GMT
0WB0-jUvNeIwzNGd9HhA7zlXRDAv5Rl_m4GLoZyF_cQHumfFaJFxAY0h3tIXL0OlQA5QukS1g30hdKkXL9cOWA_nPCjT3Q29ZDlbwgMnfwABTo-fyXCVr6Ay8UCtH3FG6Ra7DHYX=w640-h282
lh5.googleusercontent.com/
185 KB
185 KB
Image
General
Full URL
https://lh5.googleusercontent.com/0WB0-jUvNeIwzNGd9HhA7zlXRDAv5Rl_m4GLoZyF_cQHumfFaJFxAY0h3tIXL0OlQA5QukS1g30hdKkXL9cOWA_nPCjT3Q29ZDlbwgMnfwABTo-fyXCVr6Ay8UCtH3FG6Ra7DHYX=w640-h282
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
340cb5376c97c3b1e19daa9cd3b409a7b3df87eddede0548b031185ffa343244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasted image 0.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189587
x-xss-protection
0
expires
Fri, 25 Jun 2021 00:30:26 GMT
TpOzmOmd-wIgUjw8Al1FsUPMwwL9-c6qTR1UHXKUj8NN88OWxgZkbMfh8UdTIZJ8NBSyy0mgXMqjtAo1bsyAOXDFUlXk3b0X_Rc0zZlDd9eANaVjPRF6ojnj7LeuuADEO50nHm0P=w640-h304
lh6.googleusercontent.com/
175 KB
175 KB
Image
General
Full URL
https://lh6.googleusercontent.com/TpOzmOmd-wIgUjw8Al1FsUPMwwL9-c6qTR1UHXKUj8NN88OWxgZkbMfh8UdTIZJ8NBSyy0mgXMqjtAo1bsyAOXDFUlXk3b0X_Rc0zZlDd9eANaVjPRF6ojnj7LeuuADEO50nHm0P=w640-h304
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
41bbd2b65afe17462ef9ebe08d8952cd546ad6edb1a2c809489d33d203e7bb64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasted image 0.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
179096
x-xss-protection
0
expires
Fri, 25 Jun 2021 00:30:27 GMT
LkLrIW4YyN85oylLOLyVs2mIXg7Uf4jUo4Jq-9SXHjvLoIiXgo61XT1tiIXT6-psxCVApF8CkJPsvO2WfLrRDTLF1h-315rT9asKMu7TGTWKjAEkxIjjhoJNVCOSFGCdhVizo1f5=w640-h318
lh4.googleusercontent.com/
134 KB
134 KB
Image
General
Full URL
https://lh4.googleusercontent.com/LkLrIW4YyN85oylLOLyVs2mIXg7Uf4jUo4Jq-9SXHjvLoIiXgo61XT1tiIXT6-psxCVApF8CkJPsvO2WfLrRDTLF1h-315rT9asKMu7TGTWKjAEkxIjjhoJNVCOSFGCdhVizo1f5=w640-h318
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6d556e336cb12f6938b56f6bf7352ce363a192e0866a26bad0e445f29291c00c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="pasted image 0.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136924
x-xss-protection
0
expires
Fri, 25 Jun 2021 00:30:27 GMT
fancybar.js
cdn.fancybar.net/ac/
21 KB
8 KB
Script
General
Full URL
https://cdn.fancybar.net/ac/fancybar.js?zoneid=1502&serve=C6ADVKE&placement=fromdev
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.10.144 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 00:30:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Aug 2019 14:20:27 GMT
Server
NetDNA-cache/2.2
ETag
W/"5362-5900057953202"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
cookienotice.js
www.fromdev.com/js/
6 KB
2 KB
Script
General
Full URL
https://www.fromdev.com/js/cookienotice.js
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/js/cookienotice.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.fromdev.com
referer
https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 19:55:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Thu, 01 Jul 2021 00:30:26 GMT
2241899886-widgets.js
www.blogger.com/static/v1/widgets/
147 KB
147 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/2241899886-widgets.js
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54bd542828f2695208ccd3886873d9e065b332e01da828df158e4a539bd8eb44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 13:36:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Jun 2021 00:57:18 GMT
server
sffe
age
125614
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
150527
x-xss-protection
0
expires
Wed, 22 Jun 2022 13:36:52 GMT
onejs
z-na.amazon-adsystem.com/widgets/
22 KB
8 KB
Script
General
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=0539ca3e-8bec-4348-9133-e5803c030e3e
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
56e53086a7cdcbcc2c0f8dbe51f353a94c733ee53e500d312ccae3fdadec8970

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
Public
date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
7320
via
1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
x-amz-cf-id
6xGBee4uvN6iZE5qRsafbzq1iSQJy6q7fy4rVfZhsgIg_t-pHk5jEg==
expires
Thu, 24 Jun 2021 00:35:27 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
3521
date
Wed, 23 Jun 2021 23:31:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Thu, 24 Jun 2021 01:31:45 GMT
bsa.js
s3.buysellads.com/ac/
19 KB
8 KB
Script
General
Full URL
https://s3.buysellads.com/ac/bsa.js
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.22 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1ff5c8042a24f2d373e46c2a3e7f6ddcc7819cf5e5e7a79ac98106219ee39ca3

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 00:30:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2016 18:53:47 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
KVBW3SND1W5VH4DV
ETag
W/"f6b33c51e637efde46d89be5413fab46"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Cache-Control
public, max-age=3600
Connection
keep-alive
x-amz-id-2
B1eJ3ugy29yhfbNtrH+BC+tHC/qOay2QJ4gt1TwG6dpxQHF31z7+PcCjq3UH4LOp8Yfhjd2IbN8=
authorization.css
www.blogger.com/dyn-css/
1 B
43 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=637499528247154499&zx=001546ff-53a2-46f2-8397-383cc3217578
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 00:30:26 GMT
server
GSE
date
Thu, 24 Jun 2021 00:30:26 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ca5303ca488470ed3324131bee86a6a9e6fecf2ece45e4fe76e0d6bba984ad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
7ysDonPIsDkgn7Cf7m0H6A==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
OPDF+VNL8T/1mIZNBaCGXQq8ZnX4eZuQ8kE939sofwZtGEIi7ikTH0HXY/LJIcSFdvgr4146X6hR/MVJbTidwg==
x-fb-trip-id
686109401
x-fb-content-md5
ae415936d993cb7ebdc92e6ecb4e3c01
x-frame-options
DENY
date
Thu, 24 Jun 2021 00:30:26 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a36c22fe80ac815bcd78bcbbc406d8aa"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 24 Jun 2021 00:47:20 GMT
default
www.fromdev.com/feeds/posts/
57 KB
17 KB
XHR
General
Full URL
https://www.fromdev.com/feeds/posts/default?alt=json-in-script&max-results=5&callback=jQuery18308494108807776328_1624494626791&_=1624494626822
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
b77a6117065d83c0c7b26d981b91d9b9a5818e7f81ac327997aa938a9dd3afe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:path
/feeds/posts/default?alt=json-in-script&max-results=5&callback=jQuery18308494108807776328_1624494626791&_=1624494626822
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.fromdev.com
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 18:57:37 GMT
server
blogger-renderd
etag
W/"1c1b81402cd246278267243247c4344529bf661ace56a091001459cadcdb9d1a"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
16929
x-xss-protection
0
expires
Thu, 24 Jun 2021 00:30:27 GMT
how-to-hire-a-software-architect-online.html
www.fromdev.com/2021/06/
195 KB
39 KB
XHR
General
Full URL
https://www.fromdev.com/2021/06/how-to-hire-a-software-architect-online.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
55655af5ed60f1b4e840f354440799db81981c406e7429c24cb53fa221890071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/2021/06/how-to-hire-a-software-architect-online.html
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.fromdev.com
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
:method
GET
Accept
*/*
Referer
https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Jun 2021 18:57:37 GMT
server
GSE
etag
W/"c6c2d67ccd9fd5076349bf2c266373563b88553ab39e1d29d585e41b2d6ee129"
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
content-length
40147
x-xss-protection
1; mode=block
expires
Thu, 24 Jun 2021 00:30:27 GMT
color-grey-social-32.png
2.bp.blogspot.com/-Wgbt9c57mFo/UgNq69thqdI/AAAAAAAAGWU/tNHeAbcBKoY/s1600/
58 KB
59 KB
Image
General
Full URL
https://2.bp.blogspot.com/-Wgbt9c57mFo/UgNq69thqdI/AAAAAAAAGWU/tNHeAbcBKoY/s1600/color-grey-social-32.png
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
58764130dc328302c97fc5e6b818227f7e315152d1606bbbd5ae52d9b14938ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:21:57 GMT
x-content-type-options
nosniff
age
509
content-disposition
inline;filename="color-grey-social-32.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59513
x-xss-protection
0
server
fife
etag
"v1966"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 23 Jun 2021 23:49:29 GMT
meta-icons.png
4.bp.blogspot.com/-8nkMk_Pqi7M/UgOZo1MAWnI/AAAAAAAAGW0/lLR-wLp-g-c/s1600/
2 KB
2 KB
Image
General
Full URL
https://4.bp.blogspot.com/-8nkMk_Pqi7M/UgOZo1MAWnI/AAAAAAAAGW0/lLR-wLp-g-c/s1600/meta-icons.png
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
422eb73d6185c40ebe2ef20f64ea8e1190c0321976a13ccd5b4e4c36ffc9849e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 23:32:58 GMT
x-content-type-options
nosniff
age
3448
content-disposition
inline;filename="meta-icons.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1696
x-xss-protection
0
server
fife
etag
"v196e"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 24 Jun 2021 07:16:46 GMT
li-arrow.png
2.bp.blogspot.com/-Fw6foyAYlOQ/UgZOVoRGOEI/AAAAAAAAGXU/vroqcDtk3D8/s1600/
288 B
313 B
Image
General
Full URL
https://2.bp.blogspot.com/-Fw6foyAYlOQ/UgZOVoRGOEI/AAAAAAAAGXU/vroqcDtk3D8/s1600/li-arrow.png
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
61b8875943e7149337cff5eee15908b8cc90322e968daa287bfccbe65f1dbe5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 21:18:47 GMT
x-content-type-options
nosniff
age
11499
content-disposition
inline;filename="li-arrow.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
server
fife
etag
"v1976"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 24 Jun 2021 12:48:44 GMT
jump-top-arrow.png
4.bp.blogspot.com/-4rsDp_Wv9yg/UghBQrCm9fI/AAAAAAAAGXk/ls4z7ev6254/s1600/
473 B
600 B
Image
General
Full URL
https://4.bp.blogspot.com/-4rsDp_Wv9yg/UghBQrCm9fI/AAAAAAAAGXk/ls4z7ev6254/s1600/jump-top-arrow.png
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dfbcc7e40793a927a81062eb2917708435f983c85235d6cbbbbf16f619124fcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 23:32:57 GMT
x-content-type-options
nosniff
age
3449
content-disposition
inline;filename="jump-top-arrow.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
473
x-xss-protection
0
server
fife
etag
"v197a"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 24 Jun 2021 07:16:47 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v36/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fromdev.com
Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 03:49:18 GMT
x-content-type-options
nosniff
age
74468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16016
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:31:14 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jun 2022 03:49:18 GMT
all.js
connect.facebook.net/en_US/
251 KB
74 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=05e9409d6d9845e6bdf973deff2f963c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5fbb6a3068d5713328432bb50a7262996995bc44598c45b947416dc64a3709f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.fromdev.com
Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
3+VbpsQHpuRlXdIxe0hurg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75727
x-fb-rlafr
0
x-fb-debug
J4PQbgBBoZyWdJyhbybXU1OS3oEV2hm5W9434QBSNyF5LuneMAlS5wjqOAAaeI8UpN1UJqakvAyIIB0Lld1yDw==
x-fb-content-md5
20f95ed7d5abf257a570027eca77e23d
x-frame-options
DENY
date
Thu, 24 Jun 2021 00:30:26 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"e3f18621d6cdb7fce32078f6630cb5af"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 23 Jun 2022 21:37:39 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=2096652484&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fromdev.com%2F2021%2F06%2Flooking-for-secure-wordpress-hosting.html%3Futm_medium%3Demail%26_hsmi%3D135857741%26_hsenc%3Dp2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A%26utm_content%3D135857741%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Looking%20for%20Secure%20WordPress%20Hosting%3F%20Here%20Are%205%20Solutions%20%7C%20FromDev&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1816199670&gjid=760810363&cid=2041947867.1624494627&tid=UA-9202857-1&_gid=1741202426.1624494627&_r=1&_slc=1&z=1253311833
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 00:30:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fromdev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
43 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=637499528247154499&zx=001546ff-53a2-46f2-8397-383cc3217578
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 00:30:27 GMT
server
GSE
date
Thu, 24 Jun 2021 00:30:27 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
87 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-9202857-1&cid=2041947867.1624494627&jid=1816199670&gjid=760810363&_gid=1741202426.1624494627&_u=IEBAAEAAAAAAAC~&z=1229250064
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 24 Jun 2021 00:30:26 GMT
content-type
text/plain
access-control-allow-origin
https://www.fromdev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
s_c280cfc886604c12b0a8bdb4490c3f0a.js
s3.buysellads.com/r/
769 B
648 B
Script
General
Full URL
https://s3.buysellads.com/r/s_c280cfc886604c12b0a8bdb4490c3f0a.js?v=1624492800000
Requested by
Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/bsa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.22 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
400991060c2cfcfa2e8e0ed2adb3220124a17be2fe3eb56627fb57d87e6096d1

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 00:30:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Jan 2021 16:02:51 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
RKGEZYAE3BS0AQH0
ETag
W/"8afae6d527766824c13e0f5f22743c80"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Connection
keep-alive
x-amz-id-2
HT6thK8B7ng7vDZcL3EeYEcm+3KI9Dk2CUCNxMr9M/GyVWbn6yzudMKATcNWrj8IpwxeeggnHdE=
pro.js
s3.buysellads.com/ac/
8 KB
4 KB
Script
General
Full URL
https://s3.buysellads.com/ac/pro.js
Requested by
Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/bsa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.22 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
86a2b0cd69afae8f700d7b2ab69f408f1db709d72567e5e994e0bf2efa18ed84

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 00:30:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2016 18:54:42 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
510FKD18VXEB3Q14
ETag
W/"49e214d59c291a52de5e3289201f10ec"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Cache-Control
public, max-age=3600
Connection
keep-alive
x-amz-id-2
u19wIyCd/CokAZLDC2/sBnOoVfT74/aGUn6xT2ATUewiw5dKX1ghZ2w/ZHck6/eyB3JfPWob8/I=
man-1205084_1920.jpg
1.bp.blogspot.com/-o8LQD1-Gn2I/YND4qnOcV3I/AAAAAAAAFWE/vBeao1c69V0MRDjx-X7q39mg4apSkLFdACLcBGAsYHQ/w640-h444/
62 KB
62 KB
Image
General
Full URL
https://1.bp.blogspot.com/-o8LQD1-Gn2I/YND4qnOcV3I/AAAAAAAAFWE/vBeao1c69V0MRDjx-X7q39mg4apSkLFdACLcBGAsYHQ/w640-h444/man-1205084_1920.jpg
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c0926eb9cabdae01f8097f5c5722034ca1347235579badb6f2af0d632e60de56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="man-1205084_1920.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63404
x-xss-protection
0
server
fife
etag
"v1562"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 24 Jun 2021 05:53:30 GMT
cryptocurrency-3401786_1920.jpg
1.bp.blogspot.com/-F9ontkeQVWk/YMz-yOKiFXI/AAAAAAAAFV8/YvKtbDaYQME1Gp-MPUMW7N0xD6pMZ5ivQCLcBGAsYHQ/w640-h380/
114 KB
114 KB
Image
General
Full URL
https://1.bp.blogspot.com/-F9ontkeQVWk/YMz-yOKiFXI/AAAAAAAAFV8/YvKtbDaYQME1Gp-MPUMW7N0xD6pMZ5ivQCLcBGAsYHQ/w640-h380/cryptocurrency-3401786_1920.jpg
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
925a1cef9a24d8e3d7aebb0fa805f5cd46e7bea6d8b87277f9a18a955898bd6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="cryptocurrency-3401786_1920.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116295
x-xss-protection
0
server
fife
etag
"v1560"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 23 Jun 2021 19:13:16 GMT
YkKSopSNJ63RLPQEYcc50Ab5gRDaFQIgi7xRFFGr5qJbxeKGIucTGz37kdJmC4giywNlC5jHE43NV3EseLbtevUvGO1ZgqVyaFfJ3frYUZcIrYU9S41bVrGtYxKFN1NJIECf28c=w640-h426
lh4.googleusercontent.com/
47 KB
47 KB
Image
General
Full URL
https://lh4.googleusercontent.com/YkKSopSNJ63RLPQEYcc50Ab5gRDaFQIgi7xRFFGr5qJbxeKGIucTGz37kdJmC4giywNlC5jHE43NV3EseLbtevUvGO1ZgqVyaFfJ3frYUZcIrYU9S41bVrGtYxKFN1NJIECf28c=w640-h426
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
10575a9b43350137a5ab7249705b19e1f1749e1ed8feeb8c63450a5a834453aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 22:54:50 GMT
x-content-type-options
nosniff
age
5737
content-disposition
inline;filename="image1.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47886
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 24 Jun 2021 10:44:16 GMT
adwords-793034_1920.jpg
1.bp.blogspot.com/-FFmbcwJ19G0/YMuXw7CRqzI/AAAAAAAAFV0/QqzZr5vtkOoGts0rh6vBOQd99-ZA5wbpgCLcBGAsYHQ/w640-h424/
87 KB
87 KB
Image
General
Full URL
https://1.bp.blogspot.com/-FFmbcwJ19G0/YMuXw7CRqzI/AAAAAAAAFV0/QqzZr5vtkOoGts0rh6vBOQd99-ZA5wbpgCLcBGAsYHQ/w640-h424/adwords-793034_1920.jpg
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f4cfb84a9f484865302735ba62b30343df6e8256ee54036eb85cd419d2110cd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="adwords-793034_1920.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89402
x-xss-protection
0
server
fife
etag
"v155e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 24 Jun 2021 05:53:30 GMT
/
srv.buysellads.com/ads/get/ids/CVSDPKJN;CVSI42V;C6YIP2QI;CVSI45T;CVSI42Y;CVSI4KE;CVSDL5QM/
17 KB
3 KB
Script
General
Full URL
https://srv.buysellads.com/ads/get/ids/CVSDPKJN;CVSI42V;C6YIP2QI;CVSI45T;CVSI42Y;CVSI4KE;CVSDL5QM/?r=1624492800000
Requested by
Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/pro.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.41.241 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-7.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
3930511b2f649ff596282407e6e3a837c8278c01b6b416b51372decbf238f709

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 00:30:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
//srv.buysellads.com
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
26526.html
cdn4.buysellads.net/backfill/147/ Frame 71C5
287 B
523 B
Document
General
Full URL
https://cdn4.buysellads.net/backfill/147/26526.html?t=1609788741
Requested by
Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/pro.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
171c1bd180c64ddf89d6a02acce08844161d1ddeaf69fd9b18ec2cabc8d3cfb7

Request headers

:method
GET
:authority
cdn4.buysellads.net
:scheme
https
:path
/backfill/147/26526.html?t=1609788741
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fromdev.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fromdev.com/

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-type
text/html
x-amz-id-2
Tb0dlOUpMxT95mRdLDpAHdqtbSLGHuZTywy5mHbxw62kXaDB5D5km5h8M439INbfIloQ54AdP9Y=
x-amz-request-id
CSAWBRAGBKCZCJBR
last-modified
Mon, 04 Jan 2021 19:43:58 GMT
etag
W/"d00cf41af0431f3034bbe999efe43575"
server
NetDNA-cache/2.2
expires
Sun, 19 Jun 2022 00:30:27 GMT
cache-control
max-age=31104000
x-cache
HIT
content-encoding
gzip
11553.html
cdn4.buysellads.net/backfill/147/ Frame 3CD0
335 B
566 B
Document
General
Full URL
https://cdn4.buysellads.net/backfill/147/11553.html?t=1609788741
Requested by
Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/pro.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
66db420c40d4a45d7b1c700bf3033a5e0e466ce521058ac1d9b895fb21dabe13

Request headers

:method
GET
:authority
cdn4.buysellads.net
:scheme
https
:path
/backfill/147/11553.html?t=1609788741
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fromdev.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fromdev.com/

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-type
text/html
x-amz-id-2
2AqMAyenK4U7qyoDs632g20HffwYgPzdyykx3SpPBilIsKnYWJx6TOYBAdmwiVuD0NUDR3UG96s=
x-amz-request-id
46045F6B82FB5078
last-modified
Mon, 04 Jan 2021 19:43:57 GMT
etag
W/"fc8f1d89e0ddf8e765555c44c681be19"
server
NetDNA-cache/2.2
expires
Sun, 19 Jun 2022 00:30:27 GMT
cache-control
max-age=31104000
x-cache
HIT
content-encoding
gzip
2718.html
cdn4.buysellads.net/backfill/147/ Frame F70D
335 B
567 B
Document
General
Full URL
https://cdn4.buysellads.net/backfill/147/2718.html?t=1609788740
Requested by
Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/pro.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
66db420c40d4a45d7b1c700bf3033a5e0e466ce521058ac1d9b895fb21dabe13

Request headers

:method
GET
:authority
cdn4.buysellads.net
:scheme
https
:path
/backfill/147/2718.html?t=1609788740
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fromdev.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fromdev.com/

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-type
text/html
x-amz-id-2
f+OHhHoZoCYHux6xRLX6uGNKhnpruWzPfQaP9IreMvITW1G1Pb6BSDd/zCqkG94R7NKsNkf/Gwk=
x-amz-request-id
E77820725A312DBA
last-modified
Mon, 04 Jan 2021 19:43:57 GMT
etag
W/"fc8f1d89e0ddf8e765555c44c681be19"
server
NetDNA-cache/2.2
expires
Sun, 19 Jun 2022 00:30:27 GMT
cache-control
max-age=31104000
x-cache
HIT
content-encoding
gzip
gpt.js
www.googletagservices.com/tag/js/
67 KB
24 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnpV1-WJV7CgKkPW1yRcpj1gW0cGN84p6SvRKrXtW2wD8kT13Qb2HW3mFw4J8B9RPCW4_Ddr07tH4t_Vb3gTj5xnp5jN6kmDkRspW9jW4jFP9h3GcRgcN3qK0Q3BX-2FW2fPwwZ4PZFh6W1dzNGG1Z9wTYN1H76xn1WDx8W1JFrcn2wJ7trW8h-6_x5WNg_JW9d3xFJ2890BMW79WPNR3Lrf6PW92nPqZ3MBJP8W974tTM2Pb5ZtW2_l9lp8SqzcDW7KH3qG8CfK6JW3cFvFQ3_0FrbW2dfNdK2R2N_kW2xNMFr3WLL3lW5dgl3v2mKKfQW5xdLKV6HWWxXW3sJlj789Jc4M332t1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b681f72097552decfc53a7fea47c64dc6cb445f3a50a309e3031eb5598c1745d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"911 / 485 of 1000 / last-modified: 1624486143"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23719
x-xss-protection
0
expires
Thu, 24 Jun 2021 00:30:27 GMT
26995.html
cdn4.buysellads.net/backfill/147/ Frame C7F8
287 B
521 B
Document
General
Full URL
https://cdn4.buysellads.net/backfill/147/26995.html?t=1609788741
Requested by
Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/pro.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
607952d09a7f8bc1893e970fabf48e59158b8e12fba3803cb16a4c2b5d52fb72

Request headers

:method
GET
:authority
cdn4.buysellads.net
:scheme
https
:path
/backfill/147/26995.html?t=1609788741
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fromdev.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fromdev.com/

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-type
text/html
x-amz-id-2
7YGbn+BW/F760qR8uq/CknCxquSfADfUzQ1EbdLhrFAWoKmdd75rbLxCc0CLYbwNldoA9waV0sI=
x-amz-request-id
5C79211524E71BCD
last-modified
Mon, 04 Jan 2021 19:43:58 GMT
etag
W/"ea00e7a89d085b9104b47c441b54089c"
server
NetDNA-cache/2.2
expires
Sun, 19 Jun 2022 00:30:27 GMT
cache-control
max-age=31104000
x-cache
HIT
content-encoding
gzip
223424-1400703305.jpg
s3.buysellads.com/1278541/
20 KB
20 KB
Image
General
Full URL
https://s3.buysellads.com/1278541/223424-1400703305.jpg
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.22 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
37faacea2925c6872e50f44d16851b354c101c6fa73ab98509c1fe5a74f75487

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 00:30:27 GMT
Last-Modified
Wed, 21 May 2014 20:15:11 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
17857FA4744EFB8D
ETag
"b95fad722155cc6f8d9bf6262b4d67c4"
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=94608000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20421
x-amz-id-2
LgBF9ahAblQjF1pS15MHQ28SLqS2Rz/NMGKFzx8Uu/jwbNnCilv8YvJXS7Hd1gGIEM84WE7tU3E=
Expires
Thu, 21 May 2015 15:15:18 GMT
267312-1429873818.png
s3.buysellads.com/1291881/
13 KB
13 KB
Image
General
Full URL
https://s3.buysellads.com/1291881/267312-1429873818.png
Requested by
Host: www.fromdev.com
URL: https://www.fromdev.com/2021/06/looking-for-secure-wordpress-hosting.html?utm_medium=email&_hsmi=135857741&_hsenc=p2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A&utm_content=135857741&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.22 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
6176d264d3e3aa4eaab33234af8247387a7b990b4545afa65e51c2f4e21c1ff3

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 00:30:27 GMT
Last-Modified
Fri, 24 Apr 2015 11:10:23 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
FV4YBYFH2N6TDG3J
ETag
"bc48c692472cfaaa14cad51215b559b7"
X-Cache
HIT
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13350
x-amz-id-2
eTzTavd18GSyPZCBkPwFumcxLFw3ZA1rabshU5fXxl5jUakpMmeSfhXZ27Ro8SoY1oSNLj5lMi0=
pubads_impl_2021062203.js
securepubads.g.doubleclick.net/gpt/
326 KB
114 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062203.js?31061676
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
5c4542287cc42f50c3ede1a9bd12a1998632a3899463f23f213bc4407e96fcdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Jun 2021 16:21:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116144
x-xss-protection
0
expires
Thu, 24 Jun 2021 00:30:27 GMT
getads.js
c.amazon-adsystem.com/aax2/ Frame 71C5
1 KB
954 B
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/getads.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/backfill/147/26526.html?t=1609788741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
202143e64fcb62034da0193289234b1a1e140d07d62ba868f634709908a41753

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
oWZ7l5e2kg5ljFgICq_3zi3DKBhwC7zh
content-encoding
gzip
server
Server
age
220
etag
209f98108c2394f621eec0e1f652984a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Thu, 24 Jun 2021 00:27:07 GMT
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
content-length
559
x-amz-cf-id
QCNzMRiMQeaaT1t22FB1ELyGdan2VtzJJA1CSDFBbPaSUBTEz3JInA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3CD0
136 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/backfill/147/11553.html?t=1609788741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79420cb1c487791c9f033fbbf728ee65ca2d6858448c1f0a3349719de7612a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49203
x-xss-protection
0
server
cafe
etag
6406986264478977260
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 00:30:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F70D
136 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/backfill/147/2718.html?t=1609788740
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa011fabec21a382cefd6e3becc7200fbb60ab0c431690ee9c10211eb69ece85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49208
x-xss-protection
0
server
cafe
etag
3215591136070478062
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 00:30:27 GMT
getads.js
c.amazon-adsystem.com/aax2/ Frame C7F8
1 KB
945 B
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/getads.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/backfill/147/26995.html?t=1609788741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
202143e64fcb62034da0193289234b1a1e140d07d62ba868f634709908a41753

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
oWZ7l5e2kg5ljFgICq_3zi3DKBhwC7zh
content-encoding
gzip
server
Server
age
220
etag
209f98108c2394f621eec0e1f652984a
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Thu, 24 Jun 2021 00:27:07 GMT
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
content-length
559
x-amz-cf-id
61WR-LKs5rY0zJDHxqSS8NCEptea_Am6fBkPA1rWbLbSwOnFshN9fw==
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/ Frame F70D
233 KB
86 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1&bust=exp%3D31060974
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
669b8019185f217632d8575a316430dbc82ff3cad539394d595d3f0738d84972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88042
x-xss-protection
0
server
cafe
etag
4788847514445276624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 00:30:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210621/r20190131/ Frame F303
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210621/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210621/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn4.buysellads.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn4.buysellads.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 23 Jun 2021 12:48:00 GMT
expires
Wed, 07 Jul 2021 12:48:00 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
42147
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/ Frame 3CD0
233 KB
86 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
669b8019185f217632d8575a316430dbc82ff3cad539394d595d3f0738d84972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88042
x-xss-protection
0
server
cafe
etag
4788847514445276624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 00:30:27 GMT
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.fromdev.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062203.js?31061676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.fromdev.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062203.js?31061676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
472 B
279 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1676270161760244&correlator=1344195084178157&output=ldjh&impl=fifs&eid=31061290%2C31061676&vrg=2021062203&ptt=17&sc=1&sfv=1-0-38&ecs=20210624&iu_parts=8691100%2Cfromdev_button_BTF_125x125_bsazone_1275075&enc_prev_ius=%2F0%2F1&prev_iu_szs=125x125&eri=4&cookie_enabled=1&cdm=www.fromdev.com&bc=31&abxe=1&dt=1624494627790&dlt=1624494626729&idt=1036&frm=20&biw=1600&bih=1200&oid=3&adxs=1020&adys=1983&adks=3192244877&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.fromdev.com&loc=https%3A%2F%2Fwww.fromdev.com%2F2021%2F06%2Flooking-for-secure-wordpress-hosting.html%3Futm_medium%3Demail%26_hsmi%3D135857741%26_hsenc%3Dp2ANqtz--YM2311mro5lmUFBiS3Do91KG0yXyRMGqxIvMptfwgfrxq2HGOyIEawb97-gvLxZEEdDQ4uuHdOxJ6x5eIDhfKIMIf3A%26utm_content%3D135857741%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x125&msz=125x-1&ga_vid=2041947867.1624494627&ga_sid=1624494628&ga_hid=2096652484&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062203.js?31061676
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
0312c6edb1492faf8eceffca14f50d7d16696e5f8dcb866fec816edae84a0799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.fromdev.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
351083b7c90978f7b913de88cafaedbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 43F7
6 KB
3 KB
Document
General
Full URL
https://351083b7c90978f7b913de88cafaedbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062203.js?31061676
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
351083b7c90978f7b913de88cafaedbb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fromdev.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fromdev.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 24 Jun 2021 00:30:27 GMT
expires
Fri, 24 Jun 2022 00:30:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame F70D
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn4.buysellads.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1&bust=exp%3D31060974
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F70D
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn4.buysellads.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1&bust=exp%3D31060974
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0011
58 KB
22 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1&bust=exp%3D31060974
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92d41029f2134888a6bf442e90c11200f085805fc449b6a225b5712b428f229b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn4.buysellads.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn4.buysellads.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 24 Jun 2021 00:30:28 GMT
server
cafe
content-length
22447
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 24-Jun-2021 00:45:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 24 Jun 2021 00:30:28 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame F70D
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1&bust=exp%3D31060974
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624274983153827"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27713
x-xss-protection
0
expires
Thu, 24 Jun 2021 00:30:27 GMT
integrator.js
adservice.google.de/adsid/ Frame 3CD0
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn4.buysellads.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3CD0
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn4.buysellads.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DC83
56 KB
21 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
169a167ec7b5e58c4de94f2e9ff98a0e8d12a5224cec8f75cdd658184fdea60b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn4.buysellads.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn4.buysellads.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 24 Jun 2021 00:30:28 GMT
server
cafe
content-length
21976
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 24-Jun-2021 00:45:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 24 Jun 2021 00:30:28 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame 3CD0
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:27 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624274983153827"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27713
x-xss-protection
0
expires
Thu, 24 Jun 2021 00:30:27 GMT
7930528803947272856
tpc.googlesyndication.com/simgad/ Frame DC83
7 KB
7 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7930528803947272856?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlqmHm0x7OPYpcx5_o_OT5egTDl7A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26323c33aeb233be2d831b0ee82f5eac4ba484a5647c44564e964e967219c099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 18:21:38 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7219
x-xss-protection
0
expires
Fri, 24 Jun 2022 00:30:28 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/ Frame DC83
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7073
x-xss-protection
0
server
cafe
etag
4951781748486473094
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jul 2021 00:20:21 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame DC83
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jul 2021 00:28:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DC83
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:28 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624274989777919"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38141
x-xss-protection
0
expires
Thu, 24 Jun 2021 00:30:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame DC83
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1377
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
5108850372203985220
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jul 2021 00:07:31 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame DC83
25 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8e270479f5cd496c11d7e925fdb5474b8481dca58d2c79b1914821b2d3c1940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 18:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22618
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10681
x-xss-protection
0
server
cafe
etag
467697596414487005
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Jul 2021 18:13:30 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DC83
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CyaZAI9LTYIz_N7uj7_UP5buDcNmuhM9hzq-rk6UN5cHJz5EOEAEg__WzC2CVAqAB-bel7QLIAQKpArBfcaCXAbQ-qAMByAPJBKoEwwFP0IDrt7kjtjWxpVdQ3dFEYNAKtLmqRHd1YZWti319LvlKbRA56fe19NZ2B2CjCpGRaIw_7rpV98cfpd-hoLDz9kCKDqWNcZH_D0UjMuKfJ_gSsviFVFrgcAdRb6-N6a8PWrGKOiRFYCaMwiE3aLAieqDRZfAvnweePykBBQtGj7vfCwdB51NAUDTglFKHCiqjH9GMac82o_Wu8wvynoD37haNfwZ764LGf52SB77jbQBccYwCLbhM38VoHQwwLmlhkYbABMnW9afGA5IFBAgEGAGSBQQIBRgEoAYCgAfvx9qSAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDjtwLSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItNDQ1NzA3MTYyMzA1NDYzMw&sigh=5vsNgTZKTqs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 24 Jun 2021 00:30:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Jun 2021 00:30:28 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C3D0
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 23 Jun 2021 23:57:41 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame DC83
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
525c14b4404780a77ee86cd0205b7484e3a1d61fcb1863004055528b29071494

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3CD0
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210621&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
361997896e2fd3ed1a61be37c0d689bc88de9703fba71f4a3de1ee90f7617d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Jun 2021 00:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7895
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame C3D0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnPetLossNq5HiLBledom8ePbNiWedcD1Q9FBnUa8o7TxhSkmV55IzWxIYVpP0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 24 Jun 2021 00:30:28 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 24-Jun-2021 01:30:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 24 Jun 2021 00:30:28 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 24 Jun 2021 00:30:28 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
pagead2.googlesyndication.com/bg/ Frame D34C
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755396&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627742&bpp=6&bdt=284&idt=145&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=4627718449955&frm=24&ife=1&pv=2&ga_vid=1050587725.1624494628&ga_sid=1624494628&ga_hid=1838089732&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3633909031&scr_x=-12245933&scr_y=-12245933&eid=31061383&oid=3&pvsid=2096674099047271&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.qu1dzc3j5ics&fsb=1&dtd=158
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 19:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
17328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5750
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 19:41:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3CD0
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 24 Jun 2021 00:30:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BC8B
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn4.buysellads.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn4.buysellads.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 23 Jun 2021 12:24:17 GMT
expires
Thu, 23 Jun 2022 12:24:17 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
43571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8CEA
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9c4ec5b552f1988e8293e4172d5a8e0d5d2dce0724a38b6d854531004531f8f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EtWUXZFdFIZUsYMAQw3EbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn4.buysellads.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn4.buysellads.net/

Response headers

expires
Thu, 24 Jun 2021 00:30:28 GMT
date
Thu, 24 Jun 2021 00:30:28 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-EtWUXZFdFIZUsYMAQw3EbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
pagead2.googlesyndication.com/bg/ Frame BC8B
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 19:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
17328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5750
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 19:41:40 GMT
13385905894540475335
tpc.googlesyndication.com/simgad/ Frame 0011
43 KB
43 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13385905894540475335?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlYZziepSwqdlMTVvnEARfjmZxsCQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122df083771f07f5562ce2b55bac813ca2eed2cafe63eacb86053f8b286dbf20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 11:21:59 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 02:31:30 GMT
server
sffe
age
392909
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44375
x-xss-protection
0
expires
Sun, 19 Jun 2022 11:21:59 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/ Frame 0011
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7073
x-xss-protection
0
server
cafe
etag
4951781748486473094
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jul 2021 00:20:21 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 0011
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jul 2021 00:28:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0011
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:28 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624274989777919"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38141
x-xss-protection
0
expires
Thu, 24 Jun 2021 00:30:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 0011
13 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1377
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
server
cafe
etag
5108850372203985220
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Jul 2021 00:07:31 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/ Frame 0011
25 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210621/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8e270479f5cd496c11d7e925fdb5474b8481dca58d2c79b1914821b2d3c1940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 18:13:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22618
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10681
x-xss-protection
0
server
cafe
etag
467697596414487005
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 07 Jul 2021 18:13:30 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0011
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cl-EWI9LTYN6QNMOp3gPxuprgC-_vnKdjxfaA2poNovLg1u8VEAEg__WzC2CVAqABh4O_9wPIAQKoAwHIA8kEqgTHAU_QA_DShZLofNZUDyTCHVfuFzMI09Aai5woyYm2f6GmwQqIrWKRcY3_cQVKh6RuyauQB2fq8K4uQrzrfC9gjOdYNRrEDNMZj0mywxsNDc76FZzQtSVuzM7AOmKowQnOChWgzKnssn6yMcpYJ7oiscgEjb7wYy2_EUkTMsu5LmzpqLGh_itoAp7LLilsJ3AvijHYSNpMkrRc8cA-yEA8qZPCrXDoW8eZ7fDZl4ey_-Ry_V4lPJu2p3w2ok0VOAWQbWEaj1dBguXABM-2wsi5A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeroqEjqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELLxAtIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi00NDU3MDcxNjIzMDU0NjMz&sigh=hhPgN9iWqwg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 24 Jun 2021 00:30:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0B65
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnPetLossNq5HiLBledom8ePbNiWedcD1Q9FBnUa8o7TxhSkmV55IzWxIYVpP0; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 23 Jun 2021 23:57:41 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0011
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59ef926af56c6f748f59545acb69a60eb04d123c4a86682633e35e3acf7d7de2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame F70D
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210621&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1&bust=exp%3D31060974
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62bc313fcb5fb55986eeef2d936f70c9715fed5af6bd2fe4d70290b624fbf97a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Jun 2021 00:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8486
x-xss-protection
0
/
www.facebook.com/login/ Frame 1156
Redirect Chain
  • https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df163c98bd4fd49c%26domain%3Dwww.fromdev.com%26or...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253...
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df163c98bd4fd49c%2526domain%253Dwww.fromdev.com%2526origin%253Dhttps%25253A%25252F%25252Fwww.fromdev.com%25252Ffb79c9b737fd1%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D300%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffromdevcom%26locale%3Den_US%26sdk%3Djoey%26show_border%3Dfalse%26show_faces%3Dtrue%26stream%3Dfalse
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=05e9409d6d9845e6bdf973deff2f963c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df163c98bd4fd49c%2526domain%253Dwww.fromdev.com%2526origin%253Dhttps%25253A%25252F%25252Fwww.fromdev.com%25252Ffb79c9b737fd1%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D300%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffromdevcom%26locale%3Den_US%26sdk%3Djoey%26show_border%3Dfalse%26show_faces%3Dtrue%26stream%3Dfalse
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fromdev.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
x-fb-rlafr
0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
ePrM5qywV4DGKAz7kzGI0UkZEY68yMlFhbTpfS+FXI70uGtZWL8rkX0zIo7eisZrwVTx2iJ8lhc2Xq2JOt5Zwg==
date
Thu, 24 Jun 2021 00:30:28 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df163c98bd4fd49c%2526domain%253Dwww.fromdev.com%2526origin%253Dhttps%25253A%25252F%25252Fwww.fromdev.com%25252Ffb79c9b737fd1%2526relation%253Dparent.parent%26color_scheme%3Dlight%26container_width%3D300%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Ffromdevcom%26locale%3Den_US%26sdk%3Djoey%26show_border%3Dfalse%26show_faces%3Dtrue%26stream%3Dfalse
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
60ZPSB24D4/wqhtYhnTtNXQhISz5Qp28wkO4t+TNFDR9pgS729fEnZqW4pc2mVto2c//3K/hgr5QfxyOYI/v/w==
content-length
0
date
Thu, 24 Jun 2021 00:30:28 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
sodar
pagead2.googlesyndication.com/getconfig/
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021062203&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062203.js?31061676
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74c923dc3bc129ba2d617b1f1dba3bbed5daadb61dff755e14a9aabe62b04621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 24 Jun 2021 00:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7916
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0B65
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnPetLossNq5HiLBledom8ePbNiWedcD1Q9FBnUa8o7TxhSkmV55IzWxIYVpP0; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 24 Jun 2021 00:30:28 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 24-Jun-2021 01:30:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 24 Jun 2021 00:30:28 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 24 Jun 2021 00:30:28 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
pagead2.googlesyndication.com/bg/ Frame 0A31
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457071623054633&output=html&h=200&slotname=3280765981&adk=411404361&adf=3279755399&pi=t.ma~as.3280765981&w=284&fwrn=16&fwrnh=100&rafmt=1&psa=0&format=284x200&url=https%3A%2F%2Fwww.fromdev.com%2F&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624494627700&bpp=8&bdt=240&idt=112&shv=r20210621&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=7294511556897&frm=24&ife=1&pv=2&ga_vid=219842620.1624494628&ga_sid=1624494628&ga_hid=404148892&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=8&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=194699560&scr_x=-12245933&scr_y=-12245933&eid=31060974%2C31060049&oid=3&pvsid=2314440132360903&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=1.f8aq807y5q48&fsb=1&dtd=128
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 19:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
17328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5750
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 19:41:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F70D
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210621/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4457071623054633&plah=cdn4.buysellads.net&amaexp=1&bust=exp%3D31060974
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 24 Jun 2021 00:30:28 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062203.js?31061676
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 00:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 24 Jun 2021 00:30:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2E13
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn4.buysellads.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn4.buysellads.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 23 Jun 2021 12:24:17 GMT
expires
Thu, 23 Jun 2022 12:24:17 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
43571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 55AD
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
302083e5c856fe2fb4f205ea2dd3d4f11b1491f5aa6912c4c652ac47beb108df
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sH1oqMOpjwoUiVVTIeQCuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn4.buysellads.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn4.buysellads.net/

Response headers

expires
Thu, 24 Jun 2021 00:30:28 GMT
date
Thu, 24 Jun 2021 00:30:28 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-sH1oqMOpjwoUiVVTIeQCuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 09D7
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fromdev.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fromdev.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 23 Jun 2021 12:24:17 GMT
expires
Thu, 23 Jun 2022 12:24:17 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
43571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E059
783 B
530 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
51db63358d9bfb37137d3c5cef903d45b6a7541d87bb0f3da581dd02fe64a975
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yLFsWhvGn8Li5horeE1piA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fromdev.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fromdev.com/

Response headers

expires
Thu, 24 Jun 2021 00:30:28 GMT
date
Thu, 24 Jun 2021 00:30:28 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-yLFsWhvGn8Li5horeE1piA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
pagead2.googlesyndication.com/bg/ Frame 2E13
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 19:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
17328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5750
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 19:41:40 GMT
94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
pagead2.googlesyndication.com/bg/ Frame 09D7
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 19:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
17328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5750
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:18:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 19:41:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CD0
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210621&jk=2096674099047271&bg=!fH-lfzvNAAZktE7iZLQ7ACkAdvg8WptsonsEqB_EdX55TgwUkCdGX1fO_ToBP7Nxu2OOrN2fbaTQaAIAAADqUgAAABBoAQcKAAOOE-mZApioKQIMEUrQzcIouimGD0NxSemdba4tr4Wo42Oh_nzo4nWvrvqxy5voHG4o40DG-cT9jr7Ab2XRHq_nMD3HNQZPAwWimZCtUjaGGqf49sXMh9J_oZSjW04AcSQ2qG3_3Rl2mV7pCQwF2pM-wM7_9GMX367j0DW473l2W_HzgkZoyu7MlcJU-07mIZqgPhgbTNWNuMEFgmTkAeR4iz41lGJR6vSbojCjrqbcvXIvFvpsctzJIBqBMB8xCLd-tDJEI7OY-UV-P2CrXI-xlKZlhK_j1AEUNOBKJQlsJLfW1svzsFuXKuKb4j4wscK9qbRl7qyyVe2-qGShxuGT5llCOz0BjgHNtVJePo0rxK-1A8IprE2ZdFC5xLWezJRPeyNIkTiaDb_X-xC82_7ErPiQJplJFEQ_9zEohIQ0xBNoJJKSkeZcTu99fZxb4UwfaBF5IRvaXyB017odz4jTwDMirlA_O83UUyHwMi5_wNX6baRPDSX9mSizvIG7SNaz_WXuu2u1IRAyNRDhAxfI7grpG0-8BO8BxyDi_MIfQCyJFK90gs5hnuDAWZxtliVKVwEYHP3v4efmReiqz-s4ZfZbWM033zBMdZ5mUY8N0RVhzYrrSnFpiWsbMRcpeNPmoU6ssJra_lt-xRQL5Ae-BI3AV-OUtVItOmr6E_-wOM_c-DEtdN3ZqWPUCN1bePgN8Kqz11YS4GGWI73F5CDO8FGDTiFMqEh1TzAoVCEjBJnxQbaEZzf-ckXLAwyXVAxrRul0MqNaEhP90XuNTf0TvR8YPOYR3BJPtaxCyzv-elsMB40BkT0LH2yKzCKHkEIWzS4WEXyW1TpC4P9foxO2uyjXewu8S2Gu7S741GefbGq9YI3ngEdzV5NYTqgD
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 00:30:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F70D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210621&jk=2314440132360903&bg=!SUqlSg7NAAZktE7iZLQ7ACkAdvg8WrgxWmjmAv4DTlvYhI2jTKO-GLarIA903mTfy_LWyX7bk1ZsuAIAAACqUgAAAAxoAQcKAEhk-oJzrY0uUs5dT-ZlM1Ck0bA0IyVA_E6y2uE28ypAsinAJo4T8jkVdkqHpT6eXgKUb7sOSBE6M8wFS0PzYEjr9m4WaiTcP7eZAo-lTohj8QPyEkOkM1IqlqDlHQpX6l-c1CmsJNmfG-G54dcEIeD1cynoRu6JmQ5s3blCnXxGeUJruoGlklVyW95aGYrA1vCqTlOvK7gYANlGPWUNYrZ1ZFqJYv9XVpaS7qvz9fHEAn1ZD8cgY9hmwLFr7DBHn8067-9XHJsmM8qWjLSj3nykIQHiAYzPHMvmgh2n1Rlgv5cNaWCVQF7SQVtyaB4JRgY15Lg3ufLbBXG5vXFN1oQpMe4j9FzF7X00OpFZ5RbRO6GCyMdY7QA29_13Tjlokw_jPjy2h_BbwrMPQYSZIWqacFXKO80DSpvFP3GWP1oh7NMsxUpXo7ST-oBhq9ogJ3hSQoS7KA0mnoAHWJXABAMFSilKVFBySEvzJnSHa1_Lw_FQebgJk9VMTxemtUhJE7HZhLZL1FP2EyFupLR64L5NvDWi4qAnItX7oAoCeBG3nGn8Wa5F34e70EVqB9E5hzLsa_JnRvRfTcjwDO6s6xv0k5CHWjWFQIGm5GUzIKke5uwqQYoiNp-993Kx3y3zpq--wBTB8-3u9iqUBrTVGhBmowBdOWipKd6OJjxWp-4JPp7Q7O3s_hnmFIRZWyuxS9LJU1TAm43CXPwTvz0owqRzZRVN85bbUQwO8ik45eRO_kX8uPyspdG-jZebEUzWbBzqkvXbctXkzRuVVTtgNJV2bb-0czBXwLVsIGlE4jiUuKSFc-i1LOj5qCp5CHJ_kJXzIhs5WAqIEsih4OFn0zh027cLntz7vAtp9cIpoKbyD19LHKdQxSJyFWykavQ4aNOkUvQw0gRh534EwYLZqMb2erMIzyqdDOEWdPxmpQjbtkaEiClVoYvaJu-iMMeUumpF0MX-Vfj7xvwW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn4.buysellads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 00:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021062203&jk=1676270161760244&bg=!HR6lHlrNAAZktE7iZLQ7ACkAdvg8Wjz-VI6z3eZ0rQ5MIJBJP-RIHaN5FRsFP9V4xX-Xr9Fp2RcZaQIAAACgUgAAAA5oAQeZAm091Sy-I8T1HftJS8EH4Z1rGiwk2lsY0U7jbHdYLOrHSK2gzfW-V93vXOIS9C1IRM9-HhH2Ozcm9ZRadvwBNCOLG5IyuBTxMpiiFBffFmK0GszbIPmk-MvOdK2rtHbjydBUMp0xcRrARI5dygWzITPiez5tjes8xrPRQ-uCkX8Ea_oMRyG3uVExIkVSh6wWJqavdBIuO-9lxEldn_mUDxkSiiiRlzuhamPLtKoN9EcRWCyU0I8GG2E07AKmpKp2K7g1RMRUy75ELihpHtFFGo99v306idHrUoRx7-Pa4rFM4_Tx9ovexPB_ddxZqMOG9uXNxLiO7EyL_Bmbw4TveBcVBciTYKgj6F-f__gkLyr21gayneusTIAHCmeMPRe_mSOdYQPHrB_dOy5UsnUhRDl52DISkU4UynbOGljuc5NOPJF-lr0cJJriqoUaI-41Je9zyXihwIpWgkL6QBRDP6TxRvMk3r8vboD8blhG4H9QjYZtrt-0WjzUMfqtXjiE4x7dgXzUvHxpxXHl8lLxxkDbjPF_5A661gJG8A9-3C7xcNTMA9rA_kL1Y7MuscNesX1YS_d4Vn0dm8CVNQbGPw-AhjpJTrat-2dwv5RkHLZawFYDQP3d0Q8d-AMm562Wuf8ce0YF1GEyckIeYX3XVpAWip1XLsiaDLooLcylhdjltwM8Epdpbndsw8iXe87CFhi51sNZAerNpsJTMvBX7YlXViB9pqsau1g2WsVOzbipoO2cFXtz0oETDjTknb93qlq6y0Qh1yd5yS6b3UVQPb4F_TkMCC09enRTbCYle0nGPwjHCrGmqfzrzsqKMGI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fromdev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 00:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DC83
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssk3cAcqZJAHBPRwzcbRipDuRcPuYqxeR_7y-1tCk4ho4Ei6POiJXMwdTY04DcK4wGJAx3Wld25iKoAIqY9j3IlABUTEOOlX57n23vb-T15HMwT8vecJWl5L5cn8A&sai=AMfl-YSHi2gopIOLA1dfjKVbBbrLyItgVaURUoCqbN8UA28bVQ1y40kCHpeZcbPjL65k8i2cozUs9PpSZJTM&sig=Cg0ArKJSzK190iWMR8hsEAE&id=lidar2&mcvt=1001&p=8,30,208,270&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210621&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=411404361&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624494627903&dlt=471&rpt=42&isd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 00:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0011
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7CCTOoAhGeQ9SQlZHjpdK8jbEvP4xuRqr9FwEzSO8myv5hQkywBcQIcRD_KKhW2U6MoMm1_SkYFkc_cYxvBVfemMVce9rRd2Gsb6rph6JYVpGSdrB6oKTql01fw&sai=AMfl-YTn2xMbwyZ7kYXS8oRAU-r5tMIxMoWTGqRTbsKfTBVrnPF9ZMTTQxyiOiAGPPKw53UIPHte6YA3poxE&sig=Cg0ArKJSzBH4DbUfF5rDEAE&id=lidar2&mcvt=1000&p=8,30,208,270&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210621&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=411404361&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624494627831&dlt=816&rpt=96&isd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 00:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| curl function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| adsbygoogle string| DEFAULT_THUMBNAIL string| DAY_FORMAT number| TICKER_SPEED number| SUMMARY_LEN number| SLIDER_SPEED number| SLIDER_DELAY boolean| SLIDER_KEYS boolean| SLIDER_DOTS boolean| SLIDER_FLUID boolean| AUTO_REPLACE_GOOGLE_MAP string| COMMENT_VIDEO_SHORTCODE string| COMMENT_IMAGE_SHORTCODE object| EMO_ICONS function| _fTeG function| _fWbN function| _fBhR function| _fDxV function| _fOwD function| _fLrE function| _fFxA function| _fSiK function| _fNgJ function| _fVsE function| _fYtS function| _fPbN object| _vHaK number| _vQyQ number| _vIpD number| _vXpM function| _fRmS function| _fIlN function| _fCyP string| _vMzF number| _vOfI undefined| _vObT string| _vEtG string| _vCiH string| _vCzT string| _vNhL string| _vJdK string| _vPgO string| _vOhD string| _vVdY string| _vAwG number| _vCxX boolean| _vTsR number| _vMfP number| _vTwV number| _vXiO number| _vAcO string| _vQvS number| _vJfW number| _vSsH string| _vFfN string| _vJkL string| _vPxE object| _vOsT number| _vBiE boolean| _vCzF undefined| _vUkF function| _fEsU function| _fNrE function| _fCbD function| _fDxB function| selectnav object| _s7SmV object| jQuery18308494108807776328 undefined| jQuery18308494108807776328_1624494626791 undefined| title object| FB function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _bsap undefined| _bi number| _bsap_loadedme object| IAmGot string| rid object| _bsa function| _bsa_go function| _bsa_serving_callback string| _fbn_placement object| _bsa_queue string| _vDoA number| _vZrA object| temp object| entry number| _vFwH object| a0 number| index0 number| index1 number| index2 string| thumbnail object| date number| dd number| mm number| yyyy number| h number| w number| th number| tw number| new_w number| new_h number| margin_left boolean| _bsaPRO_loaded function| _bsaPRO object| oldproonload function| _bsap_serving_callback function| bsa_CVSDPKJN function| bsa_CVSI42V function| bsa_C6YIP2QI function| bsa_CVSI45T function| bsa_CVSI42Y function| bsa_CVSI4KE function| bsa_CVSDL5QM function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| amzn_assoc_ad object| blockedMarketPlacesJson object| blockedViewerCountriesJson object| googletag object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.fromdev.com/ Name: _gid
Value: GA1.2.1741202426.1624494627
.fromdev.com/ Name: __gads
Value: ID=e3c81d6f07f58683-221c7d4e6bc800c6:T=1624494627:S=ALNI_MaMLs8FHAVoSXLiGP06CMzTkbDsjg
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.fromdev.com/ Name: _gat_blogger
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnPetLossNq5HiLBledom8ePbNiWedcD1Q9FBnUa8o7TxhSkmV55IzWxIYVpP0
.fromdev.com/ Name: _ga
Value: GA1.2.2041947867.1624494627

1 Console Messages

Source Level URL
Text
console-api debug URL: https://go.recordedfuture.com/e2t/tc/VX3Xvv1wbfbrW3YzQGs4kBgMnW2C4PM94t9lBlN8hWs4_3lGnpV1-WJV7CgKkPW1yRcpj1gW0cGN84p6SvRKrXtW2wD8kT13Qb2HW3mFw4J8B9RPCW4_Ddr07tH4t_Vb3gTj5xnp5jN6kmDkRspW9jW4jFP9h3GcRgcN3qK0Q3BX-2FW2fPwwZ4PZFh6W1dzNGG1Z9wTYN1H76xn1WDx8W1JFrcn2wJ7trW8h-6_x5WNg_JW9d3xFJ2890BMW79WPNR3Lrf6PW92nPqZ3MBJP8W974tTM2Pb5ZtW2_l9lp8SqzcDW7KH3qG8CfK6JW3cFvFQ3_0FrbW2dfNdK2R2N_kW2xNMFr3WLL3lW5dgl3v2mKKfQW5xdLKV6HWWxXW3sJlj789Jc4M332t1(Line 13)
Message:
toS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
351083b7c90978f7b913de88cafaedbb.safeframe.googlesyndication.com
4.bp.blogspot.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
c.amazon-adsystem.com
cdn.fancybar.net
cdn4.buysellads.net
connect.facebook.net
fonts.gstatic.com
fromdev.github.io
go.recordedfuture.com
googleads.g.doubleclick.net
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
pagead2.googlesyndication.com
resources.blogblog.com
s3.buysellads.com
securepubads.g.doubleclick.net
srv.buysellads.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.blogger.com
www.facebook.com
www.fromdev.com
www.google-analytics.com
www.google.com
www.googletagservices.com
z-na.amazon-adsystem.com
142.250.185.162
178.128.41.241
185.199.111.153
23.111.10.144
23.111.9.22
2606:2c40::c73c:67fe
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2009
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::2013
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
65.9.73.38
65.9.86.127
94.31.29.32
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0312c6edb1492faf8eceffca14f50d7d16696e5f8dcb866fec816edae84a0799
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
10575a9b43350137a5ab7249705b19e1f1749e1ed8feeb8c63450a5a834453aa
122df083771f07f5562ce2b55bac813ca2eed2cafe63eacb86053f8b286dbf20
169a167ec7b5e58c4de94f2e9ff98a0e8d12a5224cec8f75cdd658184fdea60b
171c1bd180c64ddf89d6a02acce08844161d1ddeaf69fd9b18ec2cabc8d3cfb7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ff5c8042a24f2d373e46c2a3e7f6ddcc7819cf5e5e7a79ac98106219ee39ca3
202143e64fcb62034da0193289234b1a1e140d07d62ba868f634709908a41753
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
224d95cce08108610c46ef4134793dbdd619e43e90e9d9cf42716a08f45222f9
26323c33aeb233be2d831b0ee82f5eac4ba484a5647c44564e964e967219c099
302083e5c856fe2fb4f205ea2dd3d4f11b1491f5aa6912c4c652ac47beb108df
340cb5376c97c3b1e19daa9cd3b409a7b3df87eddede0548b031185ffa343244
361997896e2fd3ed1a61be37c0d689bc88de9703fba71f4a3de1ee90f7617d2e
37faacea2925c6872e50f44d16851b354c101c6fa73ab98509c1fe5a74f75487
3930511b2f649ff596282407e6e3a837c8278c01b6b416b51372decbf238f709
3ca5303ca488470ed3324131bee86a6a9e6fecf2ece45e4fe76e0d6bba984ad3
400991060c2cfcfa2e8e0ed2adb3220124a17be2fe3eb56627fb57d87e6096d1
41bbd2b65afe17462ef9ebe08d8952cd546ad6edb1a2c809489d33d203e7bb64
422eb73d6185c40ebe2ef20f64ea8e1190c0321976a13ccd5b4e4c36ffc9849e
490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51db63358d9bfb37137d3c5cef903d45b6a7541d87bb0f3da581dd02fe64a975
525c14b4404780a77ee86cd0205b7484e3a1d61fcb1863004055528b29071494
54bd542828f2695208ccd3886873d9e065b332e01da828df158e4a539bd8eb44
55655af5ed60f1b4e840f354440799db81981c406e7429c24cb53fa221890071
56e53086a7cdcbcc2c0f8dbe51f353a94c733ee53e500d312ccae3fdadec8970
58764130dc328302c97fc5e6b818227f7e315152d1606bbbd5ae52d9b14938ee
59ef926af56c6f748f59545acb69a60eb04d123c4a86682633e35e3acf7d7de2
5c4542287cc42f50c3ede1a9bd12a1998632a3899463f23f213bc4407e96fcdb
5fbb6a3068d5713328432bb50a7262996995bc44598c45b947416dc64a3709f7
607952d09a7f8bc1893e970fabf48e59158b8e12fba3803cb16a4c2b5d52fb72
6176d264d3e3aa4eaab33234af8247387a7b990b4545afa65e51c2f4e21c1ff3
61b8875943e7149337cff5eee15908b8cc90322e968daa287bfccbe65f1dbe5b
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62bc313fcb5fb55986eeef2d936f70c9715fed5af6bd2fe4d70290b624fbf97a
64c007b46f25da47c659a0045ce49d7b9e0c2aac355bfa4c32845a52064af979
669b8019185f217632d8575a316430dbc82ff3cad539394d595d3f0738d84972
66db420c40d4a45d7b1c700bf3033a5e0e466ce521058ac1d9b895fb21dabe13
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6215b45e07aef3894f4f214d3732572c0be18672d210e3fa867c8342816eb0
6d556e336cb12f6938b56f6bf7352ce363a192e0866a26bad0e445f29291c00c
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74c923dc3bc129ba2d617b1f1dba3bbed5daadb61dff755e14a9aabe62b04621
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
79420cb1c487791c9f033fbbf728ee65ca2d6858448c1f0a3349719de7612a37
8567bdc2599001757e7976f8bff2094fdf043037a2373811011f8b3a27d5a088
86a2b0cd69afae8f700d7b2ab69f408f1db709d72567e5e994e0bf2efa18ed84
925a1cef9a24d8e3d7aebb0fa805f5cd46e7bea6d8b87277f9a18a955898bd6d
92d41029f2134888a6bf442e90c11200f085805fc449b6a225b5712b428f229b
9b08d96b7652d8664b3ca02ad4cb08dd63f5fdf01a4027e9ff54d6fbe8825a0c
9c4ec5b552f1988e8293e4172d5a8e0d5d2dce0724a38b6d854531004531f8f8
9cae3559aa4f592c7310bb48a463164878646a2c1c045a66506143bc1dfbbff6
a0cc7ea6cbd952d06e91c390bf096a0ae68266a397b109bf0aa1b47752f12a2d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8e270479f5cd496c11d7e925fdb5474b8481dca58d2c79b1914821b2d3c1940
aa011fabec21a382cefd6e3becc7200fbb60ab0c431690ee9c10211eb69ece85
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b681f72097552decfc53a7fea47c64dc6cb445f3a50a309e3031eb5598c1745d
b77a6117065d83c0c7b26d981b91d9b9a5818e7f81ac327997aa938a9dd3afe1
c0926eb9cabdae01f8097f5c5722034ca1347235579badb6f2af0d632e60de56
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
dfbcc7e40793a927a81062eb2917708435f983c85235d6cbbbbf16f619124fcb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00140e3c1a56b3146e22b26c5075b9253af6788208f68b1f128f14139d7e2c4
f4cfb84a9f484865302735ba62b30343df6e8256ee54036eb85cd419d2110cd3
f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7