wearedevs.net Open in urlscan Pro
172.67.71.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wearedevs.net/d/JJSploit
Submission Tags: @phish_report
Submission: On September 12 via api (September 12th 2024, 5:31:28 pm UTC) from FI — Scanned from FI

Summary HTTP 47 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 10 domains to perform 47 HTTP transactions. The main IP is 172.67.71.2, located in United States and belongs to CLOUDFLARENET, US. The main domain is wearedevs.net. The Cisco Umbrella rank of the primary domain is 759734.
TLS certificate: Issued by E6 on August 9th 2024. Valid for: 3 months.

This is the only time wearedevs.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	172.67.71.2 172.67.71.2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
9	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	104.17.72.14 104.17.72.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
6	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
47	17

12 172.67.71.2 (United States)

ASN13335 (CLOUDFLARENET, US)

wearedevs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.wearedevs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.72.14 (None, )

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	wearedevs.net wearedevs.net — Cisco Umbrella Rank: 759734 cdn.wearedevs.net	29 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	299 KB
8	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	243 B
6	google.com analytics.google.com — Cisco Umbrella Rank: 238 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662 www.google.com — Cisco Umbrella Rank: 10	72 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	176 KB
1	google.ru www.google.ru — Cisco Umbrella Rank: 8663	63 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	765 B
1	cloudflare.com ajax.cloudflare.com — Cisco Umbrella Rank: 2266	12 KB
47	10

	Domain	Requested by
9	pagead2.googlesyndication.com	wearedevs.net pagead2.googlesyndication.com
9	wearedevs.net	wearedevs.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	cdn.wearedevs.net	wearedevs.net
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	wearedevs.net www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	www.google.ru	wearedevs.net
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	fonts.googleapis.com	wearedevs.net
1	ajax.cloudflare.com	wearedevs.net
47	16

This site contains links to these domains. Also see Links.

Domain
forum.wearedevs.net
theomnidev.com
www.youtube.com
twitter.com
go.expressvpn.com
aka.ms
scriptunc.org

Subject Issuer	Validity	Valid
wearedevs.net E6	`2024-08-09` - `2024-11-07`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
ajax.cloudflare.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-08-07` - `2025-08-06`	a year	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.com.ru WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://wearedevs.net/d/JJSploit
Frame ID: 6B11D0AC76311824DDE4AD1DFF9C169A
Requests: 38 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-46VWDGRLXJ&gacid=1072666213.1726162284&gtm=45je4990v875665888za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=878263057
Frame ID: 2732FFE6D9D40505573F15D1E51C84D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html
Frame ID: 8BAE1C51481EADDC554A395BF5D49C94
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9142841210062390&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1726162285&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Fwearedevs.net%2Fd%2FJJSploit&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726162284208&bpp=6&bdt=724&idt=415&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3232315120260&frm=20&pv=2&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086866%2C42531645%2C44795921%2C95338228%2C95341664%2C95342032%2C95342457%2C95339860%2C95341670&oid=2&pvsid=2768297375248076&tmod=254225319&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=982
Frame ID: DF8D5CB4A857995D9730847A28F57E87
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=1180724422&adf=50557328&pi=t.ma~as.3739798263&w=300&abgtt=6&lmt=1726162285&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fd%2FJJSploit&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726162284208&bpp=2&bdt=725&idt=507&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3232315120260&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=388&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086866%2C42531645%2C44795921%2C95338228%2C95341664%2C95342032%2C95342457%2C95339860%2C95341670&oid=2&pvsid=2768297375248076&tmod=254225319&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=988
Frame ID: 60AFBCE4598A4310C5CFEADD159CA89E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=2036292585&adf=3247881204&pi=t.ma~as.3739798263&w=300&abgtt=6&lmt=1726162285&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fd%2FJJSploit&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726162284208&bpp=1&bdt=725&idt=509&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3232315120260&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086866%2C42531645%2C44795921%2C95338228%2C95341664%2C95342032%2C95342457%2C95339860%2C95341670&oid=2&pvsid=2768297375248076&tmod=254225319&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=993
Frame ID: D5ECF9CB54F74DC549E017E0377EB8F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=2362057675&pi=t.ma~as.3739798263&w=300&abgtt=6&lmt=1726162285&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fd%2FJJSploit&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726162284208&bpp=1&bdt=725&idt=510&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=3232315120260&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=912&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086866%2C42531645%2C44795921%2C95338228%2C95341664%2C95342032%2C95342457%2C95339860%2C95341670&oid=2&pvsid=2768297375248076&tmod=254225319&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&fsb=1&dtd=996
Frame ID: 2F49B478A5353C775FFF9753F8F34BD4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html
Frame ID: 7862FD31FEB89B58E84CB2E6FF5DA5BE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E031609684781F6287C3484EB90B7EF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF7338443190B29296DD014BEF8D2DD6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JJSploit Download - WeAreDevs

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

47
Requests

98 %
HTTPS

56 %
IPv6

10
Domains

16
Subdomains

17
IPs

4
Countries

626 kB
Transfer

1756 kB
Size

8
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://forum.wearedevs.net/
Title: Community

Search URL Search Domain Scan URL

URL: https://theomnidev.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://forum.wearedevs.net/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Omnidev_?sub_confirmation=1
Title: //<![CDATA[ window.__mirage2 = {petok:"GF.pt4lrIp82AAQSYoo9PRDtxcVPUa88k5W.YGBnCGQ-1800-0.0.1.1"}; //]]> Coding Tutorials

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw?sub_confirmation=1
Title: Exploit Showcases

Search URL Search Domain Scan URL

URL: https://twitter.com/WeAreDevs_
Title: Twitter

Search URL Search Domain Scan URL

URL: https://go.expressvpn.com/c/2569400/1462858/16063
Title: VPN

Search URL Search Domain Scan URL

URL: https://aka.ms/vs/16/release/vc_redist.x86.exe
Title: Visual Redistributable

Search URL Search Domain Scan URL

URL: https://scriptunc.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request JJSploit Show response
wearedevs.net/d/ 15 KB
5 KB 213ms
159ms Document
text/html 172.67.71.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3015332992d57572ec64033daf9045a206e1f75088ecb9b947287da9bfa085d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8c21a17ecceb8d7f-HEL
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 12 Sep 2024 17:31:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UjGGqTqWys81gb06BI0%2FzEzPPOLvzysjlJIyW0GvT5Bu1T8qxL4LjBFnkIZa9qdZSLO6TR04RI3g%2B9%2FKO%2FURT0W8OrwtigDOfXlu0GFIEtC9ar3i5zicgQx03AfuIIA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

GET
H3 200 main.css
wearedevs.net/css/ 2 KB
1 KB 56ms
48ms Stylesheet
text/css 172.67.71.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/css/main.css?v=26

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da3cc62e027a011d77ee203f1a23267190607c5b156a09291d210569cdb00c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wearedevs.net/d/JJSploit
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 753
cf-polished: origSize=2575
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 18 Aug 2024 22:09:36 GMT
server: cloudflare
etag: W/"66c27120-a0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxJk2r2uGyOeSzoRyFYnp5WFltRKeutJulAAbUJonVwUyZlEa94xAeoXh14HOGTcvr6C7Po%2FDKMbjKtU2We4yvlQmP1l1CpwJWpJFmhEH1t2OaQJjYKYdjl0QLXAS30%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600, public
cf-ray: 8c21a1800dc58d7f-HEL
expires: Thu, 12 Sep 2024 18:12:44 GMT

GET
H3 200 night.css
wearedevs.net/css/themes/ 821 B
853 B 58ms
50ms Stylesheet
text/css 172.67.71.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/css/themes/night.css?v=26&v2=2

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c8768746841a59a87bc5a201507117e01f14e08ae7a6be15e7b5942f188c59e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wearedevs.net/d/JJSploit
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 753
cf-polished: origSize=997
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 05 Sep 2024 05:25:21 GMT
server: cloudflare
etag: W/"66d940c1-3e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gu1CHYv6oCQIs4lAq8pk2RZI7%2BJBlpJRRUyVUPsKWosZDhKxcvyAcRIlvMzMQ7WGECXR6frMDm8W2EVpmD4bPzxt%2BoM62Ae%2Biuez3L08rJ4M0IV2AEgX0gj%2BGpLgONs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600, public
cf-ray: 8c21a1800dca8d7f-HEL
expires: Thu, 12 Sep 2024 18:12:44 GMT

GET
H3 200 navheader.css
wearedevs.net/css/ 2 KB
1 KB 62ms
54ms Stylesheet
text/css 172.67.71.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/css/navheader.css?v=26

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8493f134565a17a00ad34ff63f2ab2b6181815410dc760ada300ac283fc9aa55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wearedevs.net/d/JJSploit
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 753
cf-polished: origSize=3429
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 19 Aug 2024 01:36:50 GMT
server: cloudflare
etag: W/"66c2a1b2-d65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCmw0q8lniqBjD4UBUiUewfvMs39bIEFEW2%2BVEyZx%2Bo77qd5hAHwfSYwi2vmTRdYcF86jVq%2FmHsn5ey685XP92kdnop7mHuRPYq14UvWPhMyVIebGEEQ8EYjeU9bAK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600, public
cf-ray: 8c21a1800dcd8d7f-HEL
expires: Thu, 12 Sep 2024 18:12:44 GMT

GET
H3 200 timestamp.js Show response
wearedevs.net/js/ 2 KB
1 KB 56ms
48ms Script
application/javascript 172.67.71.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/js/timestamp.js

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3619c1468e207e66ec8d47fc1a4776c27a20f383cf28f5650f594a026f12da79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wearedevs.net/d/JJSploit
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 753
cf-polished: origSize=3405
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 07 Apr 2022 17:37:47 GMT
server: cloudflare
etag: W/"624f216b-d4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYZ2JCJiEkZjSlYeLxrj883GciietQYerbPxAP8WZ97%2BK8au7e6P9WUgjDCa3SaR%2BEaXzYs0Ng6TcFlU60kkfpYjgVYJh15ndGFkQJyuRfWOddH1fHfaIB3EeIskGRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600, public
cf-ray: 8c21a1800dcf8d7f-HEL
expires: Thu, 12 Sep 2024 18:12:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
104 KB 237ms
85ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-46VWDGRLXJ

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50167a7cfbd958c574d400a13c1a139851f032feeeba690c65010a97ef2ae7e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106209
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 12 Sep 2024 17:31:23 GMT

GET
H3 200 download.css
wearedevs.net/css/ 3 KB
1 KB 79ms
53ms Stylesheet
text/css 172.67.71.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/css/download.css?v=26&v2=4

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e577bada78d72cb4afc5d94fa5ce0f34007ae197dc957bbf64f176724af48f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wearedevs.net/d/JJSploit
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 705
cf-polished: origSize=3520
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 10 Sep 2024 11:39:42 GMT
server: cloudflare
etag: W/"66e02ffe-dc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TD7GkwbKdaG7Ao1fk%2BlzioahGMl6mDfCHW5Zllk5zOpW%2FAnts6TtUJsodIzLaHZJ70bkD%2B7%2Bt5AqW3AmvtVdiPyfUx2TygeY0Il1IV8EUFtLNjlm6aAqSl13Cd%2BqvmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600, public
cf-ray: 8c21a1802de98d7f-HEL
expires: Thu, 12 Sep 2024 18:13:02 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
51 KB 253ms
104ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9142841210062390

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

dbe43f9fa869f9259daef08f1f3dc86fb992c63e602b4310ec523d0351d5eb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Origin: https://wearedevs.net
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52493
x-xss-protection: 0
server: cafe
etag: 18113318222444263191
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 12 Sep 2024 17:31:23 GMT

GET
H3 200 mirage2.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/ 38 KB
12 KB 112ms
47ms Script
application/javascript 104.17.72.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/mirage2.min.js

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.72.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
strict-transport-security: max-age=15780000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 10 Sep 2024 18:11:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"66e08bbd-9688"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNJBIAXTzuXVCAjoGJJYbp1%2B3F3LLv%2FM2vC05wstBqvg70JFRpsW5r9ExWhKgqz0pSQYm2MGNKKE9T8DGKuvpwXyAS9JobEST%2BkMirZ987rUiMUeC6yBXhbvX9nFwKQR0ecKejs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8c21a1806c978d50-HEL
expires: Sat, 14 Sep 2024 17:31:23 GMT

GET
H3 200 timestamp.js Show response
cdn.wearedevs.net/js/ 2 KB
1 KB 73ms
47ms Script
application/javascript 172.67.71.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.wearedevs.net/js/timestamp.js

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31e248ed6cd44cb5c7e685875d67e6bd869de6dbebbc76b57f3b6aba24d81526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8327
cf-polished: origSize=2584
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Dec 2021 20:23:48 GMT
server: cloudflare
etag: W/"61c62c54-a18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wVuMYflhkq270jfrZBfolJoHNHUp78BR5GcI%2BBzNlixpDdzOaaD9%2F6PgLBmDfIPTsUxnppx7ak1du74kgiF%2BrWssTxdSNkA0O%2BH4TppwrRnFcSpqy6INaRouCt9n62Zi6zhS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000, public
cf-ray: 8c21a1802deb8d7f-HEL
expires: Sat, 12 Oct 2024 15:11:59 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
765 B 220ms
73ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;1,300&display=swap

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/css/main.css?v=26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aed3dfb561c6e2bf9e7895443d5191147c13e7e28e39a553f2df1b71eca56784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Sep 2024 17:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 12 Sep 2024 17:31:23 GMT

GET
H3 200 windows.svg
wearedevs.net/icons/ 2 KB
1 KB 74ms
73ms Image
image/svg+xml 172.67.71.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wearedevs.net/icons/windows.svg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/css/download.css?v=26&v2=4

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c549751ee31fec69cb95f0a10aa98e4ccc345bf73b2f448490a22693644aa28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wearedevs.net/css/download.css?v=26&v2=4
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8332
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Jan 2023 13:46:33 GMT
server: cloudflare
etag: W/"63d7ca39-803"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BtabtdDeBsaXT3a0RpQSntvxB1TjTnJyc4htexlSBJGhlczaTXBQzYsRYyr1ogWSkRMXWb2OYTX3JCWLZBDy2OxIxKNE92XEUOhOtzAp0aDYslGY7NfF5CrN1TLj0Cc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800, public
cf-ray: 8c21a181cf628d7f-HEL
expires: Thu, 19 Sep 2024 15:12:15 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 228ms
84ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;1,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wearedevs.net
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 10 Sep 2024 12:08:22 GMT
x-content-type-options: nosniff
age: 192181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7900
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Sep 2025 12:08:22 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 209ms
65ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;1,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643e38d8c288a1da34a14a68a5012441929108d50054414ce8cc33fad36a2354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wearedevs.net
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Sep 2024 10:53:50 GMT
x-content-type-options: nosniff
age: 455853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7844
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Sep 2025 10:53:50 GMT

GET
H3 200 youtube.png
cdn.wearedevs.net/images/icons/ 274 B
862 B 57ms
47ms Image
image/webp 172.67.71.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/icons/youtube.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d68cff194f536c86c2df5e8bff6bb495c173fc721d2b0db7bff36699b28f24a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8324
cf-polished: origFmt=png, origSize=521
content-disposition: inline; filename="youtube.webp"
alt-svc: h3=":443"; ma=86400
content-length: 274
cf-bgj: imgq:100,h2pri
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-209"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=exfc62xGRu1qbLOwsrqOIKx2eEdBs5aCjHAZDPSXnyZT5Mp45N57XQDkbvkkCEWSjmksLw0iixj4mp8XYX%2BZFBiRvJJdQTYq1LttNwEdJOX1G8pMTHNVgBmMN4Q%2FKSXgd1Y%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 8c21a1821f8e8d7f-HEL
expires: Sat, 12 Oct 2024 15:12:03 GMT

GET
H3 200 twitter.png
cdn.wearedevs.net/images/icons/ 316 B
907 B 48ms
45ms Image
image/webp 172.67.71.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/icons/twitter.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee6493ac0cfb3867597a680a56af212bfde8f2b982d38273aef985402ba771ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8324
cf-polished: origFmt=png, origSize=670
content-disposition: inline; filename="twitter.webp"
alt-svc: h3=":443"; ma=86400
content-length: 316
cf-bgj: imgq:100,h2pri
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-29e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1oKvHiPudpRwLc8%2BwcA%2B1kjbhelB%2Bxj%2FSuCZSk7OvgRAx%2BlA%2FVaDlAgIefImpZooqp9cP8LFfEPsNas7aSzuRaqgsESQmcmLCXe2AQ8d63Za8kH%2FmUUZC9DW2OxhrZO94Ttk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 8c21a1821f908d7f-HEL
expires: Sat, 12 Oct 2024 15:11:58 GMT

GET
H3 200 unc.png
wearedevs.net/images/ 2 KB
3 KB 65ms
63ms Image
image/webp 172.67.71.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wearedevs.net/images/unc.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8f5d41f44a0626789da3a19b6bc4d6099e67bbcdc2ab5194c04287e90fb38e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wearedevs.net/d/JJSploit
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8324
cf-polished: origFmt=png, origSize=2932
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Hqk_lZgxXGiU_IRRyRkozIPM3gmUdyLEBZIB1UuP0pI-1726162283-1.0.1.1-Ws0a8ZE2BgJnZbypgK6M_RDanpNS9WNnb3Hm1j5R.8K6qwgww5cac30imJeX8w_.sg.Tyw.IO_GT8b59JFjX5DexrkCcQnuCoU4_ocaE31ByQNXWwbUbfnJxrTED.pi0fy2r7NIqWmBk1S_cK1J09Q; report-to cf-csp-endpoint
content-disposition: inline; filename="unc.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1540
cf-bgj: imgq:100,h2pri
last-modified: Tue, 26 Apr 2022 14:33:33 GMT
server: cloudflare
etag: "626802bd-b74"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6G0OhR%2B2TwzbekQsnaMI5ltBXJMdd%2FLMxYpVCIPZma5mquEeZ7c2B0ElWbb%2BtbwYVCTKpearBIbzpna5UbdXQ7rkaXEABvKBaoKG15ZbusF3%2FbDuTIFy%2FLynAQjkpRM%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Hqk_lZgxXGiU_IRRyRkozIPM3gmUdyLEBZIB1UuP0pI-1726162283-1.0.1.1-Ws0a8ZE2BgJnZbypgK6M_RDanpNS9WNnb3Hm1j5R.8K6qwgww5cac30imJeX8w_.sg.Tyw.IO_GT8b59JFjX5DexrkCcQnuCoU4_ocaE31ByQNXWwbUbfnJxrTED.pi0fy2r7NIqWmBk1S_cK1J09Q"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: max-age=604800, public
accept-ranges: bytes
cf-ray: 8c21a1821f918d7f-HEL
expires: Thu, 19 Sep 2024 15:11:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
72 KB 84ms
83ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-120895803-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-46VWDGRLXJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5c53eb36d3fc594b026f32be00e0bdd0a644b2fe373da016296e4f738c888a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73209
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 12 Sep 2024 17:31:24 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 169ms
41ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-46VWDGRLXJ&gtm=45je4990v875665888za200&_p=1726162283781&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1072666213.1726162284&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1726162284&sct=1&seg=0&dl=https%3A%2F%2Fwearedevs.net%2Fd%2FJJSploit&dt=JJSploit%20Download%20-%20WeAreDevs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=900
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-46VWDGRLXJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 17:31:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wearedevs.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
243 B 217ms
73ms Ping
text/plain 2a00:1450:400c:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-46VWDGRLXJ&cid=1072666213.1726162284&gtm=45je4990v875665888za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-46VWDGRLXJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 17:31:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wearedevs.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 2732 0
0 258ms
94ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-46VWDGRLXJ&gacid=1072666213.1726162284&gtm=45je4990v875665888za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=878263057

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-46VWDGRLXJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 17:31:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ru/ads/ 42 B
63 B 438ms
345ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ru/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-46VWDGRLXJ&cid=1072666213.1726162284&gtm=45je4990v875665888za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=54313176

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 17:31:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/ 87 KB
31 KB 223ms
81ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9142841210062390

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

bbc51187a316109edac6f5c3cc026335254db3f1fc579b109580d4e730db8b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31262
x-xss-protection: 0
server: cafe
etag: 10897370280832292339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Sep 2024 17:31:24 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/ 417 KB
140 KB 274ms
133ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9142841210062390&plah=wearedevs.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9142841210062390

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

7a6ace923c629e52825af7647240f9d504f03fff54d937098e994fece40bf126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143465
x-xss-protection: 0
server: cafe
etag: 15611327115510364307
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 12 Sep 2024 17:31:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 119ms
37ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-120895803-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 12 Sep 2024 16:17:23 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4441
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 12 Sep 2024 18:17:23 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 43ms
38ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=107068829&t=pageview&_s=1&dl=https%3A%2F%2Fwearedevs.net%2Fd%2FJJSploit&ul=fi-fi&de=UTF-8&dt=JJSploit%20Download%20-%20WeAreDevs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1247657423&gjid=1835082818&cid=1072666213.1726162284&tid=UA-120895803-1&_gid=622977962.1726162284&_r=1&gtm=457e4990z8875665888za200zb875665888&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&jsscut=1&z=1636333020

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 17:31:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wearedevs.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 95ms
94ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9142841210062390
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ca-pub-9142841210062390 Show response
fundingchoicesmessages.google.com/i/ 208 KB
69 KB 299ms
133ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9142841210062390?href=https%3A%2F%2Fwearedevs.net%2Fd%2FJJSploit&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9142841210062390&plah=wearedevs.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5968887109eea66e25652d856a0e278a436491a3e893dd3b2607bcf19a3b76b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-B4Tw_im0gjDDxhXJBPDWMA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:24 GMT
content-security-policy: script-src 'nonce-B4Tw_im0gjDDxhXJBPDWMA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0JBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B-IlERdZDyVeZDVUuMTqCMSqPZdYTYH4_rpLrM-BeO_HS6xHgViIh-PNqZ7tbAInflw8yaykkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBpaKBnYBJfYAgAUhQ_WA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/ Frame 8BAE 0
0 193ms
62ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age: 27091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 09:59:54 GMT
etag: 5947459844715414650
expires: Thu, 26 Sep 2024 09:59:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVyMJRFfNx5Op7PkQa4hIoyOK8_fA918uRJoMXWWQR5ywybEcqDr-OO18gL2SrOkvT8of7MKgYzrh5Bz0yM5uygRpgBZKaBfal33QpNSzdmjnhz8QcKcyhLdzTXfKipEzzJSOguAg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 394ms
392ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVyMJRFfNx5Op7PkQa4hIoyOK8_fA918uRJoMXWWQR5ywybEcqDr-OO18gL2SrOkvT8of7MKgYzrh5Bz0yM5uygRpgBZKaBfal33QpNSzdmjnhz8QcKcyhLdzTXfKipEzzJSOguAg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI2MTYyMjg1LDE4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93ZWFyZWRldnMubmV0L2QvSkpTcGxvaXQiLG51bGwsW1s4LCJLVnk1NUowQnJadyJdLFs5LCJmaSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fi.KVy55J0BrZw.es5.O/am=SDA/d=1/rs=AJlcJMwM5_mlw-QuwDCrqHkYxLmKi6abAQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a209f27d162ab6f2d75e83cd1f5aed68f3c202c1817bdf0b5d4994984741fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-RL0nw-okol1GgRJCRUWxZg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:25 GMT
content-security-policy: script-src 'nonce-RL0nw-okol1GgRJCRUWxZg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1ZBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOAuPXmOdapQJz07zxrERC7a11k9QfiJREXWQ8lXmQ1VLjE6gjEqj2XWE2B-P66S6zPgXjvx0usR4FYiIfj7ame7WwCE-5MbmBS0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjGwNDTQMzCJLzAEACspQ5I"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame DF8D 0
0 618ms
514ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9142841210062390&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1726162285&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=https%3A%2F%2Fwearedevs.net%2Fd%2FJJSploit&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726162284208&bpp=6&bdt=724&idt=415&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3232315120260&frm=20&pv=2&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086866%2C42531645%2C44795921%2C95338228%2C95341664%2C95342032%2C95342457%2C95339860%2C95341670&oid=2&pvsid=2768297375248076&tmod=254225319&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=982

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 57744
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 17:31:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 60AF 0
0 674ms
579ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=1180724422&adf=50557328&pi=t.ma~as.3739798263&w=300&abgtt=6&lmt=1726162285&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fd%2FJJSploit&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726162284208&bpp=2&bdt=725&idt=507&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3232315120260&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=388&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086866%2C42531645%2C44795921%2C95338228%2C95341664%2C95342032%2C95342457%2C95339860%2C95341670&oid=2&pvsid=2768297375248076&tmod=254225319&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=988

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 17:31:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D5EC 0
0 580ms
486ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=2036292585&adf=3247881204&pi=t.ma~as.3739798263&w=300&abgtt=6&lmt=1726162285&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fd%2FJJSploit&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726162284208&bpp=1&bdt=725&idt=509&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3232315120260&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086866%2C42531645%2C44795921%2C95338228%2C95341664%2C95342032%2C95342457%2C95339860%2C95341670&oid=2&pvsid=2768297375248076&tmod=254225319&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&fsb=1&dtd=993

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 410
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 17:31:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2F49 0
0 744ms
654ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=2362057675&pi=t.ma~as.3739798263&w=300&abgtt=6&lmt=1726162285&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fd%2FJJSploit&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726162284208&bpp=1&bdt=725&idt=510&shv=r20240905&mjsv=m202409050101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=3232315120260&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=912&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086866%2C42531645%2C44795921%2C95338228%2C95341664%2C95342032%2C95342457%2C95339860%2C95341670&oid=2&pvsid=2768297375248076&tmod=254225319&uas=0&nvt=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&fsb=1&dtd=996

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 17:31:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxV1Ngdq6TzJPAgydp-7AWwPpPPTMDRPQFDp9iJcoMKf9j9uiQ80fHmWPHFmvEic_1e-1BsY1GWMJasfZZabFlgyE0NOkv5AQJN1GCY8vryYuuJ7oZ9KJ4QYUp-J99yLcm_xP9ylZA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 100ms
99ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV1Ngdq6TzJPAgydp-7AWwPpPPTMDRPQFDp9iJcoMKf9j9uiQ80fHmWPHFmvEic_1e-1BsY1GWMJasfZZabFlgyE0NOkv5AQJN1GCY8vryYuuJ7oZ9KJ4QYUp-J99yLcm_xP9ylZA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI2MTYyMjg1LDU4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd2VhcmVkZXZzLm5ldC9kL0pKU3Bsb2l0IixudWxsLFtbOCwiS1Z5NTVKMEJyWnciXSxbOSwiZmkiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

32361cd9fd61e82c25e3ccb529af41acf6c855ecc9ed21ef1b65042088f1d55d

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-qOfq9iGsZ_I8ruXaB6tIJA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:25 GMT
content-security-policy: script-src 'nonce-qOfq9iGsZ_I8ruXaB6tIJA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw1JBiOHHrNtMFID7vdIfpOhBLfH3JpAXETukzWEOAuPXmOdbpQJz07zxrCRC7a11k9QfiJREXWY8kXmQ1VLjE6gzE99ddYn0OxHs_XmI9CsRCPBxvT_VsZxM48HLiViYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjEwNLQwM9A5P4AkMAODVA4A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVCHTJaZ6byVS3H6jSZ-h-1OhqB0-6O3lVIiIVCgbDQlZy21t1BBi23GjdbA61Kr9jSvzYHVojmF_zA_C1TQ7fLJf9mcn7jAvYtXXR6z8j0aANKz0n5GDh1DyBNQL2G9DXzIc2f9Q== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 200ms
74ms XHR
text/html 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVCHTJaZ6byVS3H6jSZ-h-1OhqB0-6O3lVIiIVCgbDQlZy21t1BBi23GjdbA61Kr9jSvzYHVojmF_zA_C1TQ7fLJf9mcn7jAvYtXXR6z8j0aANKz0n5GDh1DyBNQL2G9DXzIc2f9Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-DEop-hp31MGZQiFy8YlWDQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Thu, 12 Sep 2024 17:31:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-DEop-hp31MGZQiFy8YlWDQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDjenurZziYw4V_vdGYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgaWChZ2AeX2AAAFz2Lig"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://wearedevs.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/ 171 KB
57 KB 83ms
82ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409050101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

c9cae093f1001a665a8247bcf9ec0a5c26df53e3dd30ae5484ddefd907704bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58746
x-xss-protection: 0
server: cafe
etag: 16163093109077210048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Sep 2024 17:31:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
93ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-9142841210062390&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=true&a=6%2C1%2C5%2C7%2C8&apv=20240908_103418&sat=1725918322215&afm=2%2C0&as_count=2&d_count=0&ng_count=0&am_count=0&atf_count=2&mdns=0.359&alldns=0.359&allp=68&pgh=1393&abl=false&rr=n&su=wearedevs.net&pvc=2768297375248076&r=0.1&eid=44759875%2C44759926%2C44759842%2C31086866%2C42531645%2C44795921%2C95338228%2C95341664%2C95342032%2C95342457%2C95339860%2C95341670

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 17:31:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/ Frame 7862 0
0 0ms
0ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240905/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age: 27091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 09:59:54 GMT
etag: 5947459844715414650
expires: Thu, 26 Sep 2024 09:59:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
93ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2567298258411465&num=0&dvc=2&eid=44759875%2C44759926%2C44759842%2C31086866%2C42531645%2C44795921%2C95338228%2C95341664%2C95342032%2C95342457%2C95339860%2C95341670

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 17:31:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 96ms
95ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2567298258411465&num=1&dvc=2&eid=44759875%2C44759926%2C44759842%2C31086866%2C42531645%2C44795921%2C95338228%2C95341664%2C95342032%2C95342457%2C95339860%2C95341670

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/d/JJSploit

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 17:31:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 76ms
76ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240905&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

8a1edfe282993ab41a6510d493ded84ed7b1faa46382b46d7f757dc9b501d76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13001
x-xss-protection: 0

GET
H3 200 favicon.ico
wearedevs.net/ 34 KB
11 KB 50ms
49ms Other
image/x-icon 172.67.71.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ed4cab9621bb7cff3773bbf599f14cb0f19326b8bb72a3deac9237a908b74f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wearedevs.net/d/JJSploit
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8328
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Apr 2022 17:37:47 GMT
server: cloudflare
etag: W/"624f216b-86be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVkHEXJnTyGxAUqBXCRrZ3AHVrfWzs1lbi2xXQRd1Ji8R%2BrF7xYcjN3YEciNNHgwJ1c0otqPjoFi0l2zg288UWBSHPY97WqdleWZ1mtyFfJBu2N31EbXFVQAb3kUxjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=604800, public
cf-ray: 8c21a1944fd08d7f-HEL
expires: Thu, 19 Sep 2024 15:11:54 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 212ms
75ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 12 Sep 2024 17:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 17:31:27 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E03 0
0 74ms
67ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
age: 5875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 15:53:32 GMT
expires: Fri, 12 Sep 2025 15:53:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame EF73 0
0 211ms
75ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-RkLzz8Kgzg_gBjAHhU4VRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'nonce-RkLzz8Kgzg_gBjAHhU4VRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 17:31:27 GMT
expires: Thu, 12 Sep 2024 17:31:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240905&jk=2768297375248076&bg=!AgGlAU7NAAYJ21f7Kds7ADQBe5WfOFRNH7SjYkIJVewo01gIzNwmHQhrAgTwImpbKiBO4zGskPpI34Z2QfsuOdIvqT4mAgAAAFtSAAAABWgBB34ANcgIpkesUXksTE6i9kW0rc8bRDH7IF3jD6nzglvV5WWTcRvSFha_Et_cXu6CmidovWrTWkVEmQKtdZZsmToWpwqtLei0SLCZj0rmUVXcWvaT7q1fHaELyaD4q1j4tKJmJkonulCZe-ctNTSjprFQJuu6XKEp3mODJkcreCMa25kRSuh9QzL8CAQ02PeFMWy2ysdX9Q5g9xtZNcnexqEvMRlnY4hCI6VaZNKdiXB-EZ9EQ4_QarpH0cIJwmPu_9XA_zqCFQwHFEFbQxFqkFeQlpotEpQSdENkbsr-JNfbwVuP5S1La-CZF4JrAhlaxKus3vpqUtIh9baig355NaA1bUZWy4FmkxG4hjzyO6W2lfIXFOl233T52axQPVmuo9iN43eqoSKUrBz6Nuh57XrbRjOVQOChyEStkc84DmXy60p-yescW_Wtmig_czQ47AvCKgCdAF10HzOJ4-7bD5sHSjKydAcoBjximo5hGvzWM7MBZOHIyeya1XC7TnL4Zgq8xRdrkfesN5Yljq52Z6x9cb6C1YCWrt-nSXfE8op8kRlZOPDfYKmS7v_9SH_P8OtepVgX_dHUw3Hf8JU0ujRJGKQUrZmsjiLZjqTzqpAmkTevnkEiOqrHV4sezCbZ8nWfP0g_DuaQH9oDUojXgHvrHdcosGxeX85GYUgowF6s5wsmfiaCnE_b8sNyAeq9kJwe94I3NeTafov7DzXAENLF0BHp5ERVZNsVsUwgfeda1YwRBszv8Pob7Y2-BX-XinrAXS83Y0vdQCZOmJWixLnvpZxmC8P6rK8fnZwaeINa6bg-gVhZ-Z_xXEyQ2Lp88Fem9eJXierdfISxy_ZyYATNdyttcOQN5zdYySg4Q0kY00oejLkKleDuB7A07hHEZjeKDtgFExRFzGWMGXwwJdMJC9Jr3yFMbaCXzbX7DtqdsSsrDhnV0whftKgkvIiAJxSqO8vYQEwp3PgLHUebjJeDFGIVywmBlw

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 23:29:23	Name: test_cookie Value: CheckForPermission
.wearedevs.net/	1970-01-21 09:05:22	Name: _ga Value: GA1.2.1072666213.1726162284
.wearedevs.net/	1970-01-20 23:30:48	Name: _gid Value: GA1.2.622977962.1726162284
.wearedevs.net/	1970-01-20 23:29:22	Name: _gat_gtag_UA_120895803_1 Value: 1
.wearedevs.net/	1970-01-21 08:50:58	Name: __gads Value: ID=4c0c9ddc183ca673:T=1726162285:RT=1726162285:S=ALNI_MZCnQ8ZZAzFj_faw24ani7TzK83vQ
.wearedevs.net/	1970-01-21 08:50:58	Name: __gpi Value: UID=00000ee8edc16c4a:T=1726162285:RT=1726162285:S=ALNI_MYI3w_RQPglnKoWEf1lHjcJTd9n6A
.wearedevs.net/	1970-01-21 03:48:34	Name: __eoi Value: ID=84937ebe04535544:T=1726162285:RT=1726162285:S=AA-AfjZEJm_KQZPX8awftCsaw3_F
.wearedevs.net/	1970-01-21 09:05:22	Name: _ga_46VWDGRLXJ Value: GS1.1.1726162284.1.0.1726162286.58.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
analytics.google.com
cdn.wearedevs.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
td.doubleclick.net
tpc.googlesyndication.com
wearedevs.net
www.google-analytics.com
www.google.com
www.google.ru
www.googletagmanager.com
pagead2.googlesyndication.com
104.17.72.14
142.250.184.196
142.250.184.206
142.250.186.34
142.250.186.35
172.217.18.98
172.67.71.2
2001:4860:4802:34::178
2001:4860:4802:38::181
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c1d::9b
3015332992d57572ec64033daf9045a206e1f75088ecb9b947287da9bfa085d7
31e248ed6cd44cb5c7e685875d67e6bd869de6dbebbc76b57f3b6aba24d81526
32361cd9fd61e82c25e3ccb529af41acf6c855ecc9ed21ef1b65042088f1d55d
3619c1468e207e66ec8d47fc1a4776c27a20f383cf28f5650f594a026f12da79
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
4da3cc62e027a011d77ee203f1a23267190607c5b156a09291d210569cdb00c9
50167a7cfbd958c574d400a13c1a139851f032feeeba690c65010a97ef2ae7e2
51a209f27d162ab6f2d75e83cd1f5aed68f3c202c1817bdf0b5d4994984741fe
5968887109eea66e25652d856a0e278a436491a3e893dd3b2607bcf19a3b76b5
5c549751ee31fec69cb95f0a10aa98e4ccc345bf73b2f448490a22693644aa28
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643e38d8c288a1da34a14a68a5012441929108d50054414ce8cc33fad36a2354
6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7a6ace923c629e52825af7647240f9d504f03fff54d937098e994fece40bf126
8493f134565a17a00ad34ff63f2ab2b6181815410dc760ada300ac283fc9aa55
8a1edfe282993ab41a6510d493ded84ed7b1faa46382b46d7f757dc9b501d76a
9c8768746841a59a87bc5a201507117e01f14e08ae7a6be15e7b5942f188c59e
9ed4cab9621bb7cff3773bbf599f14cb0f19326b8bb72a3deac9237a908b74f4
aed3dfb561c6e2bf9e7895443d5191147c13e7e28e39a553f2df1b71eca56784
b5c53eb36d3fc594b026f32be00e0bdd0a644b2fe373da016296e4f738c888a1
bbc51187a316109edac6f5c3cc026335254db3f1fc579b109580d4e730db8b44
c8f5d41f44a0626789da3a19b6bc4d6099e67bbcdc2ab5194c04287e90fb38e8
c9cae093f1001a665a8247bcf9ec0a5c26df53e3dd30ae5484ddefd907704bb8
d68cff194f536c86c2df5e8bff6bb495c173fc721d2b0db7bff36699b28f24a7
dbe43f9fa869f9259daef08f1f3dc86fb992c63e602b4310ec523d0351d5eb2b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e577bada78d72cb4afc5d94fa5ce0f34007ae197dc957bbf64f176724af48f8a
ee6493ac0cfb3867597a680a56af212bfde8f2b982d38273aef985402ba771ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

wearedevs.net Open in urlscan Pro 172.67.71.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

56 %IPv6

10 Domains

16 Subdomains

17 IPs

4 Countries

626 kBTransfer

1756 kBSize

8 Cookies

9 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wearedevs.net Open in urlscan Pro
172.67.71.2 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

56 %
IPv6

10
Domains

16
Subdomains

17
IPs

4
Countries

626 kB
Transfer

1756 kB
Size

8
Cookies

47 HTTP transactions
0 data transactions