urlscan.io logo urlscan.io
SecurityTrails logo

www.six9ja.com Open in urlscan Pro
45.93.125.48  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://alerts.brand24.com/result/open/?id=55972912118&h=310aa714358aac9bd01c66c37047aaf690eee8ea&source=email&email=WG7Opx...
Effective URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Submission: On April 01 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 22 domains to perform 155 HTTP transactions. The main IP is 45.93.125.48, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is www.six9ja.com.
TLS certificate: Issued by R3 on March 22nd 2021. Valid for: 3 months.
This is the only time www.six9ja.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.36.169.152 57367 (ECO-ATMAN...)
1 1 46.248.167.111 47544 (IQPL-AS)
1 7 45.93.125.48 47583 (AS-HOSTINGER)
1 2a00:1450:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
2 2a04:fa87:fff... 2635 (AUTOMATTIC)
17 192.0.77.2 2635 (AUTOMATTIC)
2 151.139.242.29 33438 (HIGHWINDS2)
2 192.0.77.37 2635 (AUTOMATTIC)
3 192.0.66.24 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a03:2880:f21... 32934 (FACEBOOK)
1 2 2a03:2880:f21... 32934 (FACEBOOK)
1 142.250.186.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
50 2a00:1450:400... 15169 (GOOGLE)
5 8 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 18.196.98.222 16509 (AMAZON-02)
6 142.250.186.34 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
2 2 184.30.24.241 16625 (AKAMAI-AS)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 142.250.185.98 15169 (GOOGLE)
11 2a00:1450:401... 15169 (GOOGLE)
155 22
1    185.36.169.152 (Poland)

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: web43.mydevil.net
alerts.brand24.com
1    46.248.167.111 (Gdansk, Poland)

ASN47544 (IQPL-AS, PL)
app.brand24.com
7    45.93.125.48 (Germany)

ASN47583 (AS-HOSTINGER, CY)
www.six9ja.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
37    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
2    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
17    192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i1.wp.com
i2.wp.com
i0.wp.com
2    151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)
images.dmca.com
2    192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
3    192.0.66.24 (United States)

ASN2635 (AUTOMATTIC, US)
metro.co.uk
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f21c:81c4:face:b00c:0:43fe (United States)

ASN32934 (FACEBOOK, US)
platform.instagram.com
2    2a03:2880:f21c:81e5:face:b00c:0:4420 (United States)

ASN32934 (FACEBOOK, US)
www.instagram.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
50    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    18.196.98.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-98-222.eu-central-1.compute.amazonaws.com
d.agkn.com
6    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    184.30.24.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
1    2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
11    2a00:1450:4019:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
Domain Requested by
50 tpc.googlesyndication.com www.six9ja.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
22 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.six9ja.com
googleads.g.doubleclick.net
14 pagead2.googlesyndication.com www.six9ja.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
11 csi.gstatic.com securepubads.g.doubleclick.net
8 www.google.com 5 redirects googleads.g.doubleclick.net
7 i2.wp.com www.six9ja.com
7 www.six9ja.com 1 redirects www.six9ja.com
6 cm.g.doubleclick.net googleads.g.doubleclick.net
www.six9ja.com
6 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 i0.wp.com www.six9ja.com
4 i1.wp.com www.six9ja.com
3 metro.co.uk www.six9ja.com
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.instagram.com 1 redirects www.six9ja.com
2 c0.wp.com www.six9ja.com
2 images.dmca.com www.six9ja.com
2 secure.gravatar.com www.six9ja.com
2 www.google-analytics.com www.six9ja.com
www.google-analytics.com
1 securepubads.g.doubleclick.net googleads.g.doubleclick.net
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 platform.instagram.com 1 redirects
1 app.brand24.com 1 redirects
1 alerts.brand24.com 1 redirects
155 31
Subject Issuer Validity Valid
six9ja.com
R3		 2021-03-22 -
2021-06-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
images.dmca.com
Go Daddy Secure Certificate Authority - G2		 2020-03-13 -
2022-04-04		 2 years crt.sh
metro.co.uk
R3		 2021-03-29 -
2021-06-27		 3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-03-03 -
2021-06-01		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh

This page contains 23 frames:

Primary Page: https://www.six9ja.com/biwom-ft-skales-jeje/
Frame ID: FD55A3AC6790F1C77A693B73A6A481F8
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/zrt_lookup.html
Frame ID: 2B63D7D1D77B09E103CDAA726CB12147
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165
Frame ID: 9C193CB04EBA79FEBE3DCA02A3ACDA4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Frame ID: B29294DBBEA3FB2A6C9565E5CF05E294
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&adk=3302272930&adf=2013597281&lmt=1617294243&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&ea=0&flash=0&pra=7&wgl=1&dt=1617294242924&bpp=1&bdt=868&idt=122&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280%2C540x280&nras=1&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=132
Frame ID: A15B132DBCE62C9A341E5CF8DCED21FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
Frame ID: F2E3B46FE01B4053C966BAFB7E23C011
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Frame ID: C0D235C3C874A0AD7137F7DDE535133F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
Frame ID: 216A2F7976685A492AFDC12D9BA25999
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
Frame ID: B4129D31DB953F05DCA85F85E60D71BA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C2IRgo_NlYKzsAZqU3wPDrqeoBK_Yg_VhodLL89cN-p3coNQBEAEgxtrJeWCViriCyAegAercgNECyAEJqQKjocIRi1upPqgDAcgDSKoEwQFP0NNNNLuPrfm9LV9f_Poirn-S9jzhLUqamp3-p_qdXosSOK3pepCoP_um5KfRWslpPpVykS2c395HIyqrmiDnI93lYR2sFajzUNu-5NehqVsNYoZhaorBD8LYHOvqSgwTDflVQr61UxHj40IFfmexOmuHhs2om8tkb7XWKztm5xEsL_lHXre_Ydb7eGyk1geXlCWlLqO7PmcSaLycVoZDZKyRrAx56JtE6YTUkuGazyzaiHbirzm0ekvukC-4edlswATYjcSetAOSBQQIBBgBkgUECAUYBKAGLoAH_qL_rgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQy-4Y0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTU3MzUxMjg3OTg1MTI2NjE&sigh=506FAiV3FrU&template_id=419&tpd=AGWhJmu8a6E5JCeSqMLx7ErGVfdzzR1GRs_k_ojSw4BBqgo3nA
Frame ID: 08B6A010539F479ACF7AC28763F62E68
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C784862ED9C5659E5251E81A08485B4E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9466DA24ABA312CD60A4A95B76522B72
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3091AEE07B1C2B7A4F49B8B3C2E58A07
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3604B7AE742723B0CFF6B24E0B3D38B3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Frame ID: BE1AD4F1A5F2E0974FC5CF6503E09CC1
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CIRC2o_NlYKe4Eo703wO57ZPgBJG-7Jte_cG6zYQKurW2mN8QEAEgxtrJeWCViriCyAegAYfoq_QCyAEJqQIoBIlxJ7CzPqgDAcgDSKoE0wFP0GZDRsA78SQHTnzwx4qsRHf6j4qPjbNiQtMvS213DRKKTUBfO6wILaMMV2W9C0oOp0yTgryQ8ugDtGhBfHd9bGRecYuvxo2LHmRGIwckoY_T7hvhWg205-hmnh2s8hiDt1Z7xYCCc9BdXVQe7iMp-m3T_oY3uCsMghWBw5DBMd-spErnblEkbJ9CDLI6oU0t3rpoEDM2LbjsTzaE6YJ6VPGLxakWL-gszrdTXC_iLdWjlKCXOmjT_ONNLllAsJUFy4k1i5cuN0-6jsla_vOHGgdXwASQ_Zq5pAKSBQQIBBgBkgUECAUYBKAGLoAH4JbTiwGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ5skI0ggJCIDhgBAQARgfgAoByAsB2BMMshcaChgIABIUcHViLTU3MzUxMjg3OTg1MTI2NjE&sigh=VJW6EIsX0Gc&template_id=419&tpd=AGWhJmu7Q6EzkUl6B8r_CQfknBaXFXeydNWeVc7XtgI3QZ_NRA
Frame ID: CDBE864CBDCD6AED3748E0E465B9F3F6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D5C1A8DE56C8079DC76A410BBE453F64
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
Frame ID: 0BCAB29581A86ADF13667EE8A26CF092
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CF8YFo_NlYM2_EcCKjuwP4Le7wA2v2IP1YaHSy_PXDfqd3KDUARABIMbayXlglYq4gsgHoAHq3IDRAsgBCakCsTt4pfpeqT6oAwHIA0iqBMQBT9Ar_yxr_5kSP_iE29VegwiQo6p13DK0Yv9QB_8z-4uPT9FVYjgJdfzKG3p5qquVTwVfTaJHkr05UOsxG2omXJ_99FIExacUFOtakKMoeYXHty22KwEqAZaRift1ez7pdamwjH_IQrdxlyvwAUcwHVE3DKOkSm6gjZmD6-CRHLEvzV-g-eigdQP8Am5nx-bgih3lvZeVflBMFD5es4EQWulAvbj3e1pr9Eg4HCB8uSexTCPlD9fwHzqwZhlFmKF3czBN5MAE2I3EnrQDkgUECAQYAZIFBAgFGASgBi6AB_6i_64BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENLPDdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi01NzM1MTI4Nzk4NTEyNjYx&sigh=bWAAImL_Ya8&template_id=419&tpd=AGWhJmvzvKOODbyprh3KfAUB5_USB0RKiDWXanUKdYDcV4VT5w
Frame ID: 324A102C6A5FF652D510A723A58C490F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Frame ID: 9E9E70CC8FD9658999C3B6B52D05789E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8A5BC4E436A1F07BF0EE80866723DA4C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Frame ID: BB5CEA648B97FE1591A7F8556C713DF8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 5C53E6F5BC359A34B3BB7DDC89880EB8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://alerts.brand24.com/result/open/?id=55972912118&h=310aa714358aac9bd01c66c37047aaf690eee8ea&sourc... HTTP 302
    https://app.brand24.com/result/open/?id=55972912118&h=310aa714358aac9bd01c66c37047aaf690eee8ea&sourc... HTTP 301
    https://www.six9ja.com/biwom-ft-skales-jeje HTTP 301
    https://www.six9ja.com/biwom-ft-skales-jeje/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

155
Requests

100 %
HTTPS

48 %
IPv6

22
Domains

31
Subdomains

22
IPs

5
Countries

1498 kB
Transfer

5433 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://alerts.brand24.com/result/open/?id=55972912118&h=310aa714358aac9bd01c66c37047aaf690eee8ea&source=email&email=WG7OpxyE6VOPHUCjjtHy9XqS7AX8Iqu3LWMp3sJCMuOm6f3Bmp26GJJmsQL7onW-&utm_medium=email&utm_source=daily_report&utm_content=mention_title HTTP 302
    https://app.brand24.com/result/open/?id=55972912118&h=310aa714358aac9bd01c66c37047aaf690eee8ea&source=email&email=WG7OpxyE6VOPHUCjjtHy9XqS7AX8Iqu3LWMp3sJCMuOm6f3Bmp26GJJmsQL7onW-&utm_medium=email&utm_source=daily_report&utm_content=mention_title HTTP 301
    https://www.six9ja.com/biwom-ft-skales-jeje HTTP 301
    https://www.six9ja.com/biwom-ft-skales-jeje/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Request Chain 92
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 97
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEGBeNYvHW-6oLHgM25GFoZo&google_cver=1&google_push=AQvitUL2t1OskYnIYY6J4WK-95MpjtI8qV_vyJO6sRP_aHdqRkQqU_dCgcmZN6DjsUjbOGUtgpfeH96-nPAnHFIMWDlPtXdObos HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VHQmVOWXZIVy02b0xIZ00yNUdGb1pv
Request Chain 98
  • https://rtb.openx.net/sync/dds?google_gid=CAESEA8YYISzfzQfMzDircE1upQ&google_cver=1&google_push=AQvitUJGS90hSr6fSsKukgURI_RbAo8ONOModV_upzNZzS54Kuq5bg-yXOsXB4q1H8PfFalP0IbJOpcObKZ5Jx6VjJQxIBdP8Q HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEA8YYISzfzQfMzDircE1upQ&google_cver=1&google_push=AQvitUJGS90hSr6fSsKukgURI_RbAo8ONOModV_upzNZzS54Kuq5bg-yXOsXB4q1H8PfFalP0IbJOpcObKZ5Jx6VjJQxIBdP8Q&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJGS90hSr6fSsKukgURI_RbAo8ONOModV_upzNZzS54Kuq5bg-yXOsXB4q1H8PfFalP0IbJOpcObKZ5Jx6VjJQxIBdP8Q&google_hm=fqKhx6LKw1kTRatdKlAqZQ==
Request Chain 99
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPplJxNul82KTznlUVga8iw&google_cver=1&google_push=AQvitUKEXam4ygfpA7_ED9tpLxXA6OlCsphMffNLemCM01yNmctyCfQrCVCFPBEUe_1yqV9dVXcxlNCppIypf3Z-jiMHbX-62O0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPplJxNul82KTznlUVga8iw&google_cver=1&google_push=AQvitUKEXam4ygfpA7_ED9tpLxXA6OlCsphMffNLemCM01yNmctyCfQrCVCFPBEUe_1yqV9dVXcxlNCppIypf3Z-jiMHbX-62O0&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ftsd3lXaS1eGDWZ7yr8jLg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKEXam4ygfpA7_ED9tpLxXA6OlCsphMffNLemCM01yNmctyCfQrCVCFPBEUe_1yqV9dVXcxlNCppIypf3Z-jiMHbX-62O0
Request Chain 100
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI436pnoh8fLTdUT0O_EXz0&google_cver=1&google_push=AQvitUIJuskteh0Mter-lNQrKELEZkIgfWDdd0Kc8pP0H5ZpkGJfjiU7dCD6os60QPj2g4HJODAUEm7_7XLci-s7lPIu1cdsdA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01aMzhIS0wtMU4tSTRIOA==&google_push=AQvitUIJuskteh0Mter-lNQrKELEZkIgfWDdd0Kc8pP0H5ZpkGJfjiU7dCD6os60QPj2g4HJODAUEm7_7XLci-s7lPIu1cdsdA
Request Chain 101
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENJfkvwZnn_4HhPHMZG1Jxk&google_cver=1&google_push=AQvitUIfdrf___GLaNBEs4N4g-rmO8xDxzrwOv67VitZLV1uCMA5tFVCImBz35RiorHblTjm2j_KFGwN9CwxdWauqhVdxzHSMg4 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENJfkvwZnn_4HhPHMZG1Jxk&google_push=AQvitUIfdrf___GLaNBEs4N4g-rmO8xDxzrwOv67VitZLV1uCMA5tFVCImBz35RiorHblTjm2j_KFGwN9CwxdWauqhVdxzHSMg4&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGXzpAAUL0Yq53UQPRDDdwAABKYAAAAB&google_push=AQvitUIfdrf___GLaNBEs4N4g-rmO8xDxzrwOv67VitZLV1uCMA5tFVCImBz35RiorHblTjm2j_KFGwN9CwxdWauqhVdxzHSMg4&google_cver=1&google_gid=CAESENJfkvwZnn_4HhPHMZG1Jxk
Request Chain 114
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 116
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 136
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 141
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

155 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.six9ja.com/biwom-ft-skales-jeje/
Redirect Chain
  • https://alerts.brand24.com/result/open/?id=55972912118&h=310aa714358aac9bd01c66c37047aaf690eee8ea&source=email&email=WG7OpxyE6VOPHUCjjtHy9XqS7AX8Iqu3LWMp3sJCMuOm6f3Bmp26GJJmsQL7onW-&utm_medium=emai...
  • https://app.brand24.com/result/open/?id=55972912118&h=310aa714358aac9bd01c66c37047aaf690eee8ea&source=email&email=WG7OpxyE6VOPHUCjjtHy9XqS7AX8Iqu3LWMp3sJCMuOm6f3Bmp26GJJmsQL7onW-&utm_medium=email&u...
  • https://www.six9ja.com/biwom-ft-skales-jeje
  • https://www.six9ja.com/biwom-ft-skales-jeje/
52 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.93.125.48 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
8524acfa6fed131b8a58e0e575e95a9cc3bbbb89b68da2d787451a41d80ddd72
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
www.six9ja.com
:scheme
https
:path
/biwom-ft-skales-jeje/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by
PHP/7.4.11
content-type
text/html; charset=UTF-8
x-pingback
https://www.six9ja.com/xmlrpc.php
link
<https://www.six9ja.com/wp-json/>; rel="https://api.w.org/" <https://www.six9ja.com/wp-json/wp/v2/posts/36634>; rel="alternate"; type="application/json" <https://www.six9ja.com/?p=36634>; rel=shortlink
content-encoding
br
vary
Accept-Encoding
date
Thu, 01 Apr 2021 16:24:02 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests

Redirect headers

x-powered-by
PHP/7.4.11
content-type
text/html; charset=UTF-8
x-pingback
https://www.six9ja.com/xmlrpc.php
x-redirect-by
WordPress
location
https://www.six9ja.com/biwom-ft-skales-jeje/
content-length
0
date
Thu, 01 Apr 2021 16:24:01 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
style.css
www.six9ja.com/wp-content/themes/six9ja/css/ 		396 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.six9ja.com/wp-content/themes/six9ja/css/style.css
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.93.125.48 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
30bcdfeca28c11917d55c6fe13e3463ab3f1588939ac14f46bd4cdaed2b80689
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.six9ja.com/biwom-ft-skales-jeje/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
content-encoding
br
last-modified
Sun, 13 Sep 2020 22:57:14 GMT
server
LiteSpeed
etag
"6311d-5f5ea3ca-81c2c35b89d0323;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
65151
expires
Thu, 08 Apr 2021 16:24:02 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
535
date
Thu, 01 Apr 2021 16:15:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Thu, 01 Apr 2021 18:15:07 GMT
logo.svg
www.six9ja.com/ 		40 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.six9ja.com/logo.svg
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.93.125.48 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7c207e04d129700834b60ba280b807a50abde8f92aa41d56625b71d12a452b0a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.six9ja.com/biwom-ft-skales-jeje/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
content-encoding
br
last-modified
Mon, 14 Sep 2020 15:19:51 GMT
server
LiteSpeed
etag
"9f92-5f5f8a17-86449d93dd732d77;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
30554
expires
Thu, 08 Apr 2021 16:24:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87f8949474cd91befeb181b57d5a23ed43de14241d24de3f671b36eedb7c4d32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47705
x-xss-protection
0
server
cafe
etag
5069928187734612852
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 16:24:02 GMT
/
secure.gravatar.com/avatar/ 		983 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/?s=40&d=mm&r=g?
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fe72e710fa08ea724842080b779a946a2ef297a1337c14e53423fc53269fe98f

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 16:24:02 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="none.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/?s=40&d=mm&r=g?>; rel="canonical"
content-length
983
expires
Thu, 01 Apr 2021 16:29:02 GMT
Biwom-ft-Skales-Jeje.jpg
i1.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/www.six9ja.com/wp-content/uploads/2021/03/Biwom-ft-Skales-Jeje.jpg?fit=350%2C230&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
0e478163739cb83e1824b04ec47007afc3472f6d695ee5f3e673f6b0ff6bff8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
MISS hhn 3
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 16:24:02 GMT
server
nginx
etag
"90aab78dd26d4ff2"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/Biwom-ft-Skales-Jeje.jpg>; rel="canonical"
content-length
6618
expires
Sun, 02 Apr 2023 04:24:02 GMT
20210331150857_1454992171_3188980518771136133_320_320_75_webp.jpg
i1.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/www.six9ja.com/wp-content/uploads/2021/03/20210331150857_1454992171_3188980518771136133_320_320_75_webp.jpg?resize=150%2C150&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
5447c58d256bdad7e05a7b9a29b4321797875b6fbca9285cdc5f313055ea4695
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 04:40:40 GMT
server
nginx
etag
"a845fc08c609bb63"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/20210331150857_1454992171_3188980518771136133_320_320_75_webp.jpg>; rel="canonical"
content-length
5150
expires
Sat, 01 Apr 2023 16:40:40 GMT
20210331080753_1555693208_5028332014292964115_320_213_75_webp.jpg
i2.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/www.six9ja.com/wp-content/uploads/2021/03/20210331080753_1555693208_5028332014292964115_320_213_75_webp.jpg?resize=150%2C150&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
1772d8068cd4a6eb158e9a594a8cd36ed2d1e431e02fb89329b78674d5e24f5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 04:40:40 GMT
server
nginx
etag
"39e2d430135cfc5c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/20210331080753_1555693208_5028332014292964115_320_213_75_webp.jpg>; rel="canonical"
content-length
4342
expires
Sat, 01 Apr 2023 16:40:40 GMT
20210331150642_-792873839_5677712446058424051_480_808_80_webp.jpg
i1.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/www.six9ja.com/wp-content/uploads/2021/03/20210331150642_-792873839_5677712446058424051_480_808_80_webp.jpg?resize=150%2C150&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
86e32c9744cda0851f4d4058fb9456377df7aca82b8fe5362a90569bd6b0181d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 19:58:14 GMT
server
nginx
etag
"939d6dfa3f972653"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/20210331150642_-792873839_5677712446058424051_480_808_80_webp.jpg>; rel="canonical"
content-length
5216
expires
Sat, 01 Apr 2023 07:58:14 GMT
0d69bc407231e0b2d98c439cc4ceb8de.jpg
i0.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.six9ja.com/wp-content/uploads/2021/03/0d69bc407231e0b2d98c439cc4ceb8de.jpg?resize=150%2C150&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
dd4811a3c25a19829a79400d6b25cef019ceb6bed8ceddc2f5ba320ff576aa94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 19:41:23 GMT
server
nginx
etag
"fc0e0e3c4427e14f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/0d69bc407231e0b2d98c439cc4ceb8de.jpg>; rel="canonical"
content-length
4518
expires
Sat, 01 Apr 2023 07:41:23 GMT
20210331152957_-1544291910_1577684522503773866_480_529_80_webp.jpg
i0.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.six9ja.com/wp-content/uploads/2021/03/20210331152957_-1544291910_1577684522503773866_480_529_80_webp.jpg?resize=150%2C150&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
4fe4c531ad07f47424e59d53aa3de2aaa74016f28b67fe5b42f15fb5656f2f5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 20:34:53 GMT
server
nginx
etag
"3defc5fc977fd488"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/20210331152957_-1544291910_1577684522503773866_480_529_80_webp.jpg>; rel="canonical"
content-length
6938
expires
Sat, 01 Apr 2023 08:34:53 GMT
02261abf9e8a0e01073fd7ac4c798979.jpg
i2.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/www.six9ja.com/wp-content/uploads/2021/03/02261abf9e8a0e01073fd7ac4c798979.jpg?resize=150%2C150&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ac5146f7b88a90b462afbd3a689ec439b49751b4246035c9a3e661b1a46aa1a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 06:31:59 GMT
server
nginx
etag
"924ebf6622e398fa"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/02261abf9e8a0e01073fd7ac4c798979.jpg>; rel="canonical"
content-length
5786
expires
Fri, 31 Mar 2023 18:31:59 GMT
Mp3-Download-1.jpg
i0.wp.com/www.six9ja.com/wp-content/uploads/2020/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.six9ja.com/wp-content/uploads/2020/12/Mp3-Download-1.jpg?resize=150%2C150&ssl=1?quality=90&strip=all&crop=1317px%2C0px%2C947px%2C1261px&resize=315%2C420&zoom=1&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
e8e8e378320ab484ce019771e2bcf33333e07e8c18273ca91296496827a2024f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Feb 2021 06:19:24 GMT
server
nginx
etag
"b8c222b93b88a6ef"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2020/12/Mp3-Download-1.jpg>; rel="canonical"
content-length
14638
expires
Wed, 01 Feb 2023 18:19:24 GMT
Lawrenzo_Ft_Zinoleesky_-_Aradugbo.jpg
i2.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/www.six9ja.com/wp-content/uploads/2021/03/Lawrenzo_Ft_Zinoleesky_-_Aradugbo.jpg?resize=150%2C150&ssl=1?quality=90&strip=all&crop=1317px%2C0px%2C947px%2C1261px&resize=315%2C420&zoom=1&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
895f1ced1e3a52178396e7b7b53815574c73553fb39b55ed08cc7cf6e47b49ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Mar 2021 05:58:08 GMT
server
nginx
etag
"0315d175749f8328"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/Lawrenzo_Ft_Zinoleesky_-_Aradugbo.jpg>; rel="canonical"
content-length
12954
expires
Sun, 26 Mar 2023 17:58:08 GMT
Wizkid-%E2%80%93-E-Don-Spoil-Ft-Bella-Shmurda.jpg
i0.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.six9ja.com/wp-content/uploads/2021/03/Wizkid-%E2%80%93-E-Don-Spoil-Ft-Bella-Shmurda.jpg?resize=150%2C150&ssl=1?quality=90&strip=all&crop=1317px%2C0px%2C947px%2C1261px&resize=315%2C420&zoom=1&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
8ed4a45959c8f6bcf187a0b3152adfb602091cb23d0f4f7bc2ee900b4f9c07dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 28 Mar 2021 11:38:42 GMT
server
nginx
etag
"4e44d7decd59a55d"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/Wizkid-%E2%80%93-E-Don-Spoil-Ft-Bella-Shmurda.jpg>; rel="canonical"
content-length
9512
expires
Tue, 28 Mar 2023 23:38:42 GMT
Dj-Salaree-Amapiano-Hits-Mixtape.jpeg
i0.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.six9ja.com/wp-content/uploads/2021/03/Dj-Salaree-Amapiano-Hits-Mixtape.jpeg?resize=150%2C150&ssl=1?quality=90&strip=all&crop=1317px%2C0px%2C947px%2C1261px&resize=315%2C420&zoom=1&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
74acf95799c9a52c402ca83d810ff8acb201722fae42f5cd42170c15d120cff0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
x-bytes-saved
1326
content-length
15162
x-nc
HIT hhn 3
last-modified
Wed, 31 Mar 2021 06:57:03 GMT
server
nginx
etag
"97b8e3287ef5ad0b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/Dj-Salaree-Amapiano-Hits-Mixtape.jpeg>; rel="canonical"
expires
Fri, 31 Mar 2023 18:57:03 GMT
HeadBoy-ft.-Mohbad-%E2%80%93-Get-Up.jpg
i2.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/www.six9ja.com/wp-content/uploads/2021/03/HeadBoy-ft.-Mohbad-%E2%80%93-Get-Up.jpg?resize=150%2C150&ssl=1?quality=90&strip=all&crop=1317px%2C0px%2C947px%2C1261px&resize=315%2C420&zoom=1&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
98266fe3b7307262c82f1e7813c263dfe9e3c89bf746203b0b452e9bebb15a85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 08:10:22 GMT
server
nginx
etag
"03ec8110ecd828df"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/HeadBoy-ft.-Mohbad-%E2%80%93-Get-Up.jpg>; rel="canonical"
content-length
15516
expires
Thu, 30 Mar 2023 20:10:22 GMT
Da-Pro-x-Skales-%E2%80%93-IMA.jpg
i0.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.six9ja.com/wp-content/uploads/2021/03/Da-Pro-x-Skales-%E2%80%93-IMA.jpg?resize=150%2C150&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
4d12d3b2191bfc36ec70e2d3cf1671cb0c4d775a52666e4e8ca252bc695a58c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 15:59:04 GMT
server
nginx
etag
"a946985293737158"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/Da-Pro-x-Skales-%E2%80%93-IMA.jpg>; rel="canonical"
content-length
4200
expires
Fri, 17 Mar 2023 03:59:04 GMT
OmoAkin_-_Pasa_Pasa_Ft_Skales.jpg
i2.wp.com/www.six9ja.com/wp-content/uploads/2021/03/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/www.six9ja.com/wp-content/uploads/2021/03/OmoAkin_-_Pasa_Pasa_Ft_Skales.jpg?resize=150%2C150&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
f8c265ace563dbb07896bec0a04493345fc40ace8853199e3c33775a02389caf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 16:38:11 GMT
server
nginx
etag
"5942e189fbbb2c9e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/03/OmoAkin_-_Pasa_Pasa_Ft_Skales.jpg>; rel="canonical"
content-length
2480
expires
Fri, 31 Mar 2023 04:38:11 GMT
VIDEO_Skales_-_Kayefi.jpg
i2.wp.com/www.six9ja.com/wp-content/uploads/2021/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/www.six9ja.com/wp-content/uploads/2021/02/VIDEO_Skales_-_Kayefi.jpg?resize=150%2C150&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
091e4dc60333ac414748b055b5e88170485ff8d63d624959cb31056aa9f5187d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 16:38:11 GMT
server
nginx
etag
"d7ebd8088bf48176"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/02/VIDEO_Skales_-_Kayefi.jpg>; rel="canonical"
content-length
3206
expires
Fri, 31 Mar 2023 04:38:11 GMT
Skales-%E2%80%93-Kayefi.jpg
i1.wp.com/www.six9ja.com/wp-content/uploads/2021/02/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/www.six9ja.com/wp-content/uploads/2021/02/Skales-%E2%80%93-Kayefi.jpg?resize=150%2C150&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
2b20365f044bf5e7ea42d8feda4fbc0e013bbf47f6360e449c14000bb42a01a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 14 Mar 2021 13:24:42 GMT
server
nginx
etag
"1ec585969fa05a19"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/02/Skales-%E2%80%93-Kayefi.jpg>; rel="canonical"
content-length
8570
expires
Wed, 15 Mar 2023 01:24:42 GMT
c00f83d23f180ad1f2762666a1194498.jpg
i2.wp.com/www.six9ja.com/wp-content/uploads/2021/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/www.six9ja.com/wp-content/uploads/2021/02/c00f83d23f180ad1f2762666a1194498.jpg?resize=150%2C150&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
8c5b2233a1490990c490c6f5d67d44286716438a18236489bc17d37fb55ca174
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
MISS hhn 3
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 16:24:02 GMT
server
nginx
etag
"004deea9f3b289af"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.six9ja.com/wp-content/uploads/2021/02/c00f83d23f180ad1f2762666a1194498.jpg>; rel="canonical"
content-length
3312
expires
Sun, 02 Apr 2023 04:24:02 GMT
dmca-badge-w100-5x1-08.png
images.dmca.com/Badges/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/dmca-badge-w100-5x1-08.png?ID=b99fe691-1a2d-43fb-ae10-6a564012e8d2
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
95c559e292078efb159e4c9b2eaa2bef6511671bb0f04b83da335ec676983add

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
last-modified
Mon, 25 Jul 2016 19:39:16 GMT
server
nginx
x-powered-by
ASP.NET
etag
"abfba43aace6d11:0"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/dmca-badge-w100-5x1-08.png>; rel="canonical"
content-length
2222
expires
Sat, 01 May 2021 16:23:43 GMT
DMCABadgeHelper.min.js
images.dmca.com/Badges/ 		465 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
nginx
x-powered-by
ASP.NET
etag
"26b181f16d28d51:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
280
expires
Sat, 01 May 2021 16:23:02 GMT
style.js
www.six9ja.com/wp-content/themes/six9ja/js/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.six9ja.com/wp-content/themes/six9ja/js/style.js
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.93.125.48 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0574d0dce2568ae38cbae366dd7384db15440f367fab67cbb92da01731d7f9de
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.six9ja.com/biwom-ft-skales-jeje/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
content-encoding
br
last-modified
Wed, 11 Nov 2020 16:00:55 GMT
server
LiteSpeed
etag
"2852e-5fac0ab7-fd91d5a1bf366cf5;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
53042
expires
Thu, 08 Apr 2021 16:24:02 GMT
comment-reply.min.js
c0.wp.com/c/5.7/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.7/wp-includes/js/comment-reply.min.js
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ab21fef3ac4ee12ebb305942f85de99b290b8a24654c69060e54673d5f3a11f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Thu, 01 Apr 2021 16:24:02 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 01 Apr 2022 16:24:02 GMT
photon.min.js
c0.wp.com/p/jetpack/9.5/_inc/build/photon/ 		758 B
423 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/9.5/_inc/build/photon/photon.min.js
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Thu, 01 Apr 2021 16:24:02 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Fri, 01 Apr 2022 16:24:02 GMT
form.js
www.six9ja.com/wp-content/plugins/akismet/_inc/ 		700 B
346 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.six9ja.com/wp-content/plugins/akismet/_inc/form.js?ver=4.1.9
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.93.125.48 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.six9ja.com/biwom-ft-skales-jeje/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
content-encoding
br
last-modified
Wed, 03 Mar 2021 05:16:11 GMT
server
LiteSpeed
etag
"2bc-603f1b9b-f21d4e3ff10b4b34;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
250
expires
Thu, 08 Apr 2021 16:24:02 GMT
scout-bold.woff2
metro.co.uk/wp-content/themes/metro-parent/fonts/scout-bold/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://metro.co.uk/wp-content/themes/metro-parent/fonts/scout-bold/scout-bold.woff2?v=2019
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/wp-content/themes/six9ja/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.24 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
57f384548bea4d1b08f7f76fc17fd9946ab6da5d5827180ca9775f80e16dfdba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://www.six9ja.com
Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
x-rq
hhn1 109 87 3131
last-modified
Thu, 18 Jun 2020 18:19:49 GMT
server
nginx
age
1019
etag
"5eebb045-624c"
strict-transport-security
max-age=31536000
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
25164
expires
Fri, 01 Apr 2022 16:24:02 GMT
icomoon.ttf
metro.co.uk/wp-content/themes/metro-parent/fonts/icomoon/ 		12 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://metro.co.uk/wp-content/themes/metro-parent/fonts/icomoon/icomoon.ttf?sd4i4k
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/wp-content/themes/six9ja/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.24 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
677aa9dee78a5460da047f56435e017928741ca64725a1610bcff656d7dfa6c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://www.six9ja.com
Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1019
x-cache
hit
content-length
7801
x-rq
hhn1 109 145 3134
last-modified
Tue, 16 Jun 2020 16:02:51 GMT
server
nginx
etag
W/"5ee8ed2b-30cc"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
application/font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 16:24:02 GMT
scout-light.woff2
metro.co.uk/wp-content/themes/metro-parent/fonts/scout-light/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://metro.co.uk/wp-content/themes/metro-parent/fonts/scout-light/scout-light.woff2?v=2019
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/wp-content/themes/six9ja/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.24 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
92f037cd9be94ba043d27e8933498bf3bf0184b968ae7493ec30b1d65110a29d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://www.six9ja.com
Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
x-rq
hhn1 109 197 3108
last-modified
Wed, 17 Jun 2020 16:56:43 GMT
server
nginx
age
1019
etag
"5eea4b4b-59dc"
strict-transport-security
max-age=31536000
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
23004
expires
Fri, 01 Apr 2022 16:24:02 GMT
collect
www.google-analytics.com/j/ 		2 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=606996059&t=pageview&_s=1&dl=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&ul=en-us&de=UTF-8&dt=Biwom%20ft%20Skales%20-%20Jeje%20(Mp3%20Download)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1669662607&gjid=1124911369&cid=84140124.1617294243&tid=UA-152607023-1&_gid=205909862.1617294243&_r=1&_slc=1&z=1147723671
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.six9ja.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
BIWOM-Skales-Jeje.mp3
www.six9ja.com/wp-content/uploads/2021/03/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.six9ja.com/wp-content/uploads/2021/03/BIWOM-Skales-Jeje.mp3
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
45.93.125.48 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.six9ja.com/biwom-ft-skales-jeje/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
last-modified
Sun, 14 Mar 2021 13:23:24 GMT
server
LiteSpeed
etag
"2fbf55-604e0e4c-3f235ba4aa3b7c8a;;;"
content-security-policy
upgrade-insecure-requests
content-type
application/octet-stream
Content-Range
bytes 0-3129172/3129173
content-disposition
attachment
Content-Length
3129173
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6fead81d343f693107904c5577dfd9642bb6ec751e305860c940fdcb5e6c4ae8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c131a74d2f424e29ffb16d2b03fec20e3f0cae46c4f0aff594cdc8ade80c3ca

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/ 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
311e18f635513141cf583a4fa0ac2828f450c8197eb57853475194676faaebe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86637
x-xss-protection
0
server
cafe
etag
7600525576280132900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 16:24:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/ Frame 2B63 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210329/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210329/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.six9ja.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.six9ja.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 31 Mar 2021 22:50:27 GMT
expires
Wed, 14 Apr 2021 22:50:27 GMT
content-type
text/html; charset=UTF-8
etag
13254444762018554669
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4647
x-xss-protection
0
age
63215
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
58b07fec4121.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 08:18:18 GMT
x-fb-trip-id
1679558926
etag
"58b07fec4121"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
4824

Redirect headers

date
Thu, 01 Apr 2021 16:24:03 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
vll
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control
max-age=21600
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
/
secure.gravatar.com/avatar/ 		983 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/?s=40&d=mm&r=g??w=1024&quality=90&strip=all&zoom=1&resize=40%2C40&ssl=1
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fe72e710fa08ea724842080b779a946a2ef297a1337c14e53423fc53269fe98f

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 01 Apr 2021 16:24:02 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="none.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/?s=40&d=mm&r=g??w=1024&quality=90&strip=all&zoom=1&resize=40%2C40&ssl=1>; rel="canonical"
content-length
983
expires
Thu, 01 Apr 2021 16:29:02 GMT
truncated
/ 		364 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
223dbeaf95c21e29aad42c8656d9ad41dbe9497df36c95118158609625d95c53

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie.js
partner.googleadservices.com/gampad/ 		200 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.six9ja.com&callback=_gfp_s_&client=ca-pub-5735128798512661
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
bf73cd609ddd82653a89fc23817d8be234f8e810d8d8990c5e003c7f47a2411a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.six9ja.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Apr 2021 16:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.six9ja.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Apr 2021 16:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9C19 		97 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ac6cc258fdfc63e2665edbc37f487f2170bc5ae26364dbf8b03b6ad7717536f
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COzJ6ca63e8CFRrKdwodQ9cJRQ&gqi=o_NlYLK4AZCD7_UPg9CJkAo&layout=/sadbundle/%24csp%253Der3%24/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.six9ja.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.six9ja.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COzJ6ca63e8CFRrKdwodQ9cJRQ&gqi=o_NlYLK4AZCD7_UPg9CJkAo&layout=/sadbundle/%24csp%253Der3%24/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 01 Apr 2021 16:24:03 GMT
server
cafe
content-length
31120
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 01-Apr-2021 16:39:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 16:24:03 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017733465819"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28245
x-xss-protection
0
expires
Thu, 01 Apr 2021 16:24:03 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B292 		79 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f87dea1989dd5439139cc3ac93b9bd6c8555e4b265ddfb4df8428770e45afd9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.six9ja.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.six9ja.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 01 Apr 2021 16:24:03 GMT
server
cafe
content-length
25207
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 01-Apr-2021 16:39:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 16:24:03 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame A15B 		14 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&adk=3302272930&adf=2013597281&lmt=1617294243&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&ea=0&flash=0&pra=7&wgl=1&dt=1617294242924&bpp=1&bdt=868&idt=122&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280%2C540x280&nras=1&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=132
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c8188db62816e6aa39e67913027e143a9ea4a89c27e51940495f971e637f8a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5735128798512661&output=html&adk=3302272930&adf=2013597281&lmt=1617294243&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&ea=0&flash=0&pra=7&wgl=1&dt=1617294242924&bpp=1&bdt=868&idt=122&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280%2C540x280&nras=1&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=132
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.six9ja.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.six9ja.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 01 Apr 2021 16:24:03 GMT
server
cafe
content-length
962
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 01-Apr-2021 16:39:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 16:24:03 GMT
cache-control
private
integrator.js
adservice.google.de/adsid/ 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.six9ja.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Apr 2021 16:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.six9ja.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Apr 2021 16:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F2E3 		101 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66c0077eef618bd8250af1ae8b23c42cf5579ce34b443ecc681f44b1000e09ba
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2d-ca63e8CFUCFgwcd4NsO2A&gqi=o_NlYIn8EPOL7_UP36CJoA0&layout=/sadbundle/%24csp%253Der3%24/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.six9ja.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.six9ja.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2d-ca63e8CFUCFgwcd4NsO2A&gqi=o_NlYIn8EPOL7_UP36CJoA0&layout=/sadbundle/%24csp%253Der3%24/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 01 Apr 2021 16:24:03 GMT
server
cafe
content-length
33076
x-xss-protection
0
set-cookie
IDE=AHWqTUlUNUDsB_XTiipnFyDTZ3HWL9by217OugW-BC1l9IqYoCiXdv_vOBXhGhbPxEk; expires=Tue, 26-Apr-2022 16:24:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 16:24:03 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame C0D2 		70 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d04f71980a71ec94212af76cfe6f70e561b0cd191a0031ee614205a48a1b6be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.six9ja.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.six9ja.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 01 Apr 2021 16:24:03 GMT
server
cafe
content-length
26558
x-xss-protection
0
set-cookie
IDE=AHWqTUm25YsYfeK8vyZSpajfC-vhpBe7GOBLVks9MEpJf9hVhmS28szidbHalrcVS1g; expires=Tue, 26-Apr-2022 16:24:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 16:24:03 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 216A 		111 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c1725b114b05a35311914eda9267b46175efe2f6b5cc2f02dccca29f041c7f9
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COeV-sa63e8CFQ76dwodufYETA&gqi=o_NlYIn0EanL7_UP4fGI6Ak&layout=/sadbundle/%24csp%253Der3%24/15932177755558868945/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.six9ja.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.six9ja.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COeV-sa63e8CFQ76dwodufYETA&gqi=o_NlYIn0EanL7_UP4fGI6Ak&layout=/sadbundle/%24csp%253Der3%24/15932177755558868945/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 01 Apr 2021 16:24:03 GMT
server
cafe
content-length
36953
x-xss-protection
0
set-cookie
IDE=AHWqTUlrk1smNLbrnKNTYSEscJjOF-RQ3_mbMklru1ZvcjEjEjFyWfxVjmL17hgCxg8; expires=Tue, 26-Apr-2022 16:24:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 16:24:03 GMT
cache-control
private
970x250_Crypto3_CYSEC.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/ Frame B412 		427 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7aaf4cd52d6cce9922da400ad02765ce9c4c758e16cec63193dabf2d5d118f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Wed, 31 Mar 2021 03:43:14 GMT
expires
Thu, 31 Mar 2022 03:43:14 GMT
last-modified
Tue, 30 Mar 2021 23:37:47 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
66356
age
132049
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 08B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C2IRgo_NlYKzsAZqU3wPDrqeoBK_Yg_VhodLL89cN-p3coNQBEAEgxtrJeWCViriCyAegAercgNECyAEJqQKjocIRi1upPqgDAcgDSKoEwQFP0NNNNLuPrfm9LV9f_Poirn-S9jzhLUqamp3-p_qdXosSOK3pepCoP_um5KfRWslpPpVykS2c395HIyqrmiDnI93lYR2sFajzUNu-5NehqVsNYoZhaorBD8LYHOvqSgwTDflVQr61UxHj40IFfmexOmuHhs2om8tkb7XWKztm5xEsL_lHXre_Ydb7eGyk1geXlCWlLqO7PmcSaLycVoZDZKyRrAx56JtE6YTUkuGazyzaiHbirzm0ekvukC-4edlswATYjcSetAOSBQQIBBgBkgUECAUYBKAGLoAH_qL_rgGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQy-4Y0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTU3MzUxMjg3OTg1MTI2NjE&sigh=506FAiV3FrU&template_id=419&tpd=AGWhJmu8a6E5JCeSqMLx7ErGVfdzzR1GRs_k_ojSw4BBqgo3nA
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 01 Apr 2021 16:24:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/ Frame 08B6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7115
x-xss-protection
0
server
cafe
etag
12304503248286081012
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:21:30 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 08B6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:22:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:22:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 08B6 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017751739567"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36599
x-xss-protection
0
expires
Thu, 01 Apr 2021 16:24:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 08B6 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:15:31 GMT
17324325985697686153
tpc.googlesyndication.com/simgad/ Frame C0D2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17324325985697686153?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qldX1a9Psmp8tDcmHvKPLNeagZaOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b8a928f4f3f10dfaa0dbd56759845df77c19a0dcf0746313e187937ad50990f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 13:08:57 GMT
x-content-type-options
nosniff
last-modified
Fri, 08 Jan 2021 13:28:18 GMT
server
sffe
age
98106
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14515
x-xss-protection
0
expires
Thu, 31 Mar 2022 13:08:57 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/ Frame C0D2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7115
x-xss-protection
0
server
cafe
etag
12304503248286081012
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:21:30 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame C0D2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:22:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:22:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C0D2 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017751739567"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36599
x-xss-protection
0
expires
Thu, 01 Apr 2021 16:24:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame C0D2 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:15:31 GMT
l
www.google.com/ads/measurement/ Frame C0D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvm4muscny5xfkwlCz8azHQziVpHiggDQrrcchklGbW0WcLPnbyoQ2hOyCOWWsVUSaN7LxbGECfChisKwCqYON3tPCrQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame C0D2 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f08484455172d31ef5c551a8228f73cd46f334707d09677aa3e53d73483a8c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 14:37:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6398
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10479
x-xss-protection
0
server
cafe
etag
5380568613746674957
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 14:37:25 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C0D2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSmUZo_NlYKbmEY-S3wPMsbRAvOXH6WHT8I6n_gzGy_2Ekw4QASDG2sl5YJWKuILIB6AB6r6D7gPIAQKpAg_EJGAUqX4-qAMByAPJBKoExAFP0I2XGofoCUJLVcqUZB0nkY-Nrr0aG2U7Mb_-zDF-r1-74PnxB1H4oVnSa36I5YafGLGC2sDDt6L4baumn_V9-eTPz-tkI0EWTKpwvgUrQqJ5CDPZ2WGqitcc-A5X9hTtl41ERDqxjHWudkGQgE0xaV_PxLL5l3-5e02vFAfw_ht87a_5WsAsXXxLrYBbz5mBI6OmyJjLFKkqEu0QnRyzWoi7yEd1CpT72ZFjNJIWNgRe1KzvCswyqo9YEwvn1-ewMXhewAT0_rDgnwOSBQQIBBgBkgUECAUYBKAGAoAH_sD8EagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCSnwjSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItNTczNTEyODc5ODUxMjY2MQ&sigh=qTqz3F1tz6s&tpd=AGWhJmt7387Q6xOzEFU56cq89axQkfpiu5MhM8tz199Ko_v0qg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 01 Apr 2021 16:24:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame C784 		143 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlrk1smNLbrnKNTYSEscJjOF-RQ3_mbMklru1ZvcjEjEjFyWfxVjmL17hgCxg8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 01 Apr 2021 15:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2557
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9466 		1 KB
936 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 01 Apr 2021 03:14:09 GMT
expires
Fri, 02 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
47394
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
13932506516527539508
tpc.googlesyndication.com/simgad/ Frame B292 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13932506516527539508?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlhjE5XJ3OKs1Qmb_ijcymBZabVoA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2beb70af9e911540e9b3f26957562493dfd86e571b06a07ab680f607d54a7d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 03:42:36 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 08:54:20 GMT
server
sffe
age
304887
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35480
x-xss-protection
0
expires
Tue, 29 Mar 2022 03:42:36 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/ Frame B292 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7115
x-xss-protection
0
server
cafe
etag
12304503248286081012
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:21:30 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame B292 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:22:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:22:57 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame B292 		67 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Apr 2021 03:52:27 GMT
x-content-type-options
nosniff
server
cafe
age
45096
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Fri, 02 Apr 2021 03:52:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B292 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017751739567"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36599
x-xss-protection
0
expires
Thu, 01 Apr 2021 16:24:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame B292 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
512
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:15:31 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B292 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cb0-Ho_NlYJu-A4eS3gOPv4moBN60jPZh37C5k9ANnc_or-sdEAEgxtrJeWCViriCyAegAdSjh9wCyAECqQJKAE0z56yzPqgDAcgDyQSqBMQBT9CHcmunFvjulpT8P9Bf60nt-PE_1N1W4koRxMfx0GpGSg3nPF4UAaXJtgx6sSbdOFF9NXJHPueqm1BTF-OP9BDgFx-_lM6N3vV9-Cb6VpX4TYV69GOT8vP37a5Z_ri-QrEJT8numlNgwLGOtVv2pJGdES8YNDr-4ouNVPjAUTKyVh1SYMK5Brca-RRtsX38bBXsBvKyQh4rqB7HAHDpJGK22Xy8PKXkIkss5WoHTaI5VUph8LlSw7GE8wjg3GFtaEXF68AEgKrXu9IDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB5Tc-KMBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEI-sC9IICQiA4YAQEAEYH4AKAcgLAdgTCrIXGgoYCAASFHB1Yi01NzM1MTI4Nzk4NTEyNjYx&sigh=kCr2cluNu2c&tpd=AGWhJmuVGwazYikSjf_WHlz9bxzgfPJtNEMpJERBYjWkG5UKRA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 01 Apr 2021 16:24:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame B292 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f08484455172d31ef5c551a8228f73cd46f334707d09677aa3e53d73483a8c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 14:37:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6398
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10479
x-xss-protection
0
server
cafe
etag
5380568613746674957
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 14:37:25 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3091 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlrk1smNLbrnKNTYSEscJjOF-RQ3_mbMklru1ZvcjEjEjFyWfxVjmL17hgCxg8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 01 Apr 2021 15:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2557
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 08B6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03ba5c7cf6b680cfb496edf8c03f568aee99b4fd0143bb484a21d233a700e8a3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C0D2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5afbda5418a2e55db38f1c6a553a5e199d357c943566ffcb29a42826c16edfd4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B412 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 04:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41681
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 02 Apr 2021 04:49:22 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B412 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11793
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 02 Apr 2021 13:07:30 GMT
createjs-2015.11.26.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/libs/ Frame B412 		186 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/libs/createjs-2015.11.26.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
132049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49532
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 23:37:47 GMT
server
sffe
date
Wed, 31 Mar 2021 03:43:14 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Mar 2022 03:43:14 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3604 		143 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlUNUDsB_XTiipnFyDTZ3HWL9by217OugW-BC1l9IqYoCiXdv_vOBXhGhbPxEk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 01 Apr 2021 15:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2558
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B292 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0670cbb2ae61662de9d5ce521c8541d4280c78c0c0b0c69ec8ca5f10b22ef0a8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/ Frame BE1A 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f19b2b7a7f705f29b8b651aa204ac34d25bcaa85945f831ce49ec9c846645ad7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/15932177755558868945/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3404
date
Mon, 29 Mar 2021 02:25:08 GMT
expires
Tue, 29 Mar 2022 02:25:08 GMT
last-modified
Fri, 16 Aug 2019 15:12:27 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
309536
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame CDBE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIRC2o_NlYKe4Eo703wO57ZPgBJG-7Jte_cG6zYQKurW2mN8QEAEgxtrJeWCViriCyAegAYfoq_QCyAEJqQIoBIlxJ7CzPqgDAcgDSKoE0wFP0GZDRsA78SQHTnzwx4qsRHf6j4qPjbNiQtMvS213DRKKTUBfO6wILaMMV2W9C0oOp0yTgryQ8ugDtGhBfHd9bGRecYuvxo2LHmRGIwckoY_T7hvhWg205-hmnh2s8hiDt1Z7xYCCc9BdXVQe7iMp-m3T_oY3uCsMghWBw5DBMd-spErnblEkbJ9CDLI6oU0t3rpoEDM2LbjsTzaE6YJ6VPGLxakWL-gszrdTXC_iLdWjlKCXOmjT_ONNLllAsJUFy4k1i5cuN0-6jsla_vOHGgdXwASQ_Zq5pAKSBQQIBBgBkgUECAUYBKAGLoAH4JbTiwGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ5skI0ggJCIDhgBAQARgfgAoByAsB2BMMshcaChgIABIUcHViLTU3MzUxMjg3OTg1MTI2NjE&sigh=VJW6EIsX0Gc&template_id=419&tpd=AGWhJmu7Q6EzkUl6B8r_CQfknBaXFXeydNWeVc7XtgI3QZ_NRA
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 01 Apr 2021 16:24:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/ Frame CDBE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7115
x-xss-protection
0
server
cafe
etag
12304503248286081012
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:21:30 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame CDBE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:22:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:22:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CDBE 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017751739567"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36599
x-xss-protection
0
expires
Thu, 01 Apr 2021 16:24:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame CDBE 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:15:31 GMT
l
www.google.com/ads/measurement/ Frame CDBE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkn7cKDg5skV8vgGevHxSx8WuJWIb-JHyCVAwLg92seiTRWaD_wDiPriQWxHUa4GNzlx_okZ6jcDjZ0zfQFUdkcHAHxw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame D5C1 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlUNUDsB_XTiipnFyDTZ3HWL9by217OugW-BC1l9IqYoCiXdv_vOBXhGhbPxEk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 01 Apr 2021 15:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2558
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame C784
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
133 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlUNUDsB_XTiipnFyDTZ3HWL9by217OugW-BC1l9IqYoCiXdv_vOBXhGhbPxEk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 16:24:04 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 01-Apr-2021 17:24:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 16:24:04 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 16:24:04 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame CDBE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e8dfa52c19fc0bf5755290f2333cd03ae1636b633bc89749acec72ea1beb23c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_csp
pagead2.googlesyndication.com/pagead/ Frame CDBE 		0
46 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COeV-sa63e8CFQ76dwodufYETA&gqi=o_NlYIn0EanL7_UP4fGI6Ak&layout=/sadbundle/%24csp%253Der3%24/15932177755558868945/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/ Frame B412 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/c1.jpg?1617143733365
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28e3c5ce90d833f2245c960fb702ddb9bc95c4d2c1708e5db0a4402a48282886
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
132049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8769
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 23:37:47 GMT
server
sffe
date
Wed, 31 Mar 2021 03:43:15 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Mar 2022 03:43:15 GMT
dpixel
cms.quantserve.com/ Frame 9466 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMldbHxCnPbjWPDqQUeHwkM&google_cver=1&google_push=AQvitUII2nZ5BVzj0DrUriBoEWdz5-G50wCNFXcauc0VwT5maLF3rxODJ3CMYeu1WCLhU_t3k3aMyk8N-8tEE9tMuDTwmtZl3CM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9466
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEGBeNYvHW-6oLHgM25GFoZo&google_cver=1&google_push=AQvitUL2t1OskYnIYY6J4WK-95MpjtI8qV_vyJO6sRP_aHdqRkQqU_dCgcmZN6DjsUjbOGUtgpfeH96-nPAnHFIMWDlPtXdObos
  • https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VHQmVOWXZIVy02b0xIZ00yNUdGb1pv
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VHQmVOWXZIVy02b0xIZ00yNUdGb1pv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 01 Apr 2021 16:24:03 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VHQmVOWXZIVy02b0xIZ00yNUdGb1pv
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9466
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEA8YYISzfzQfMzDircE1upQ&google_cver=1&google_push=AQvitUJGS90hSr6fSsKukgURI_RbAo8ONOModV_upzNZzS54Kuq5bg-yXOsXB4q1H8PfFalP0IbJOpcObKZ5Jx6VjJQxIBdP8Q
  • https://rtb.openx.net/sync/dds?google_gid=CAESEA8YYISzfzQfMzDircE1upQ&google_cver=1&google_push=AQvitUJGS90hSr6fSsKukgURI_RbAo8ONOModV_upzNZzS54Kuq5bg-yXOsXB4q1H8PfFalP0IbJOpcObKZ5Jx6VjJQxIBdP8Q&ox...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJGS90hSr6fSsKukgURI_RbAo8ONOModV_upzNZzS54Kuq5bg-yXOsXB4q1H8PfFalP0IbJOpcObKZ5Jx6VjJQxIBdP8Q&google_hm=fqKhx6LKw1kTRatdKlAqZQ==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJGS90hSr6fSsKukgURI_RbAo8ONOModV_upzNZzS54Kuq5bg-yXOsXB4q1H8PfFalP0IbJOpcObKZ5Jx6VjJQxIBdP8Q&google_hm=fqKhx6LKw1kTRatdKlAqZQ==
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:03 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJGS90hSr6fSsKukgURI_RbAo8ONOModV_upzNZzS54Kuq5bg-yXOsXB4q1H8PfFalP0IbJOpcObKZ5Jx6VjJQxIBdP8Q&google_hm=fqKhx6LKw1kTRatdKlAqZQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
tde2c5nmmrsg82gfride5gifijp6k7mb
pixel
cm.g.doubleclick.net/ Frame 9466
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ftsd3lXaS1eGDWZ7yr8jLg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ftsd3lXaS1eGDWZ7yr8jLg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKEXam4ygfpA7_ED9tpLxXA6OlCsphMffNLemCM01yNmctyCfQrCVCFPBEUe_1yqV9dVXcxlNCppIypf3Z-jiMHbX-62O0
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ftsd3lXaS1eGDWZ7yr8jLg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUKEXam4ygfpA7_ED9tpLxXA6OlCsphMffNLemCM01yNmctyCfQrCVCFPBEUe_1yqV9dVXcxlNCppIypf3Z-jiMHbX-62O0
Date
Thu, 01 Apr 2021 16:24:02 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 9466
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI436pnoh8fLTdUT0O_EXz0&google_cver=1&google_push=AQvitUIJuskteh0Mter-lNQrKELEZkIgfWDdd0Kc8pP0H5ZpkGJfjiU7dCD6os60QPj2g4HJODA...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01aMzhIS0wtMU4tSTRIOA==&google_push=AQvitUIJuskteh0Mter-lNQrKELEZkIgfWDdd0Kc8pP0H5ZpkGJfjiU7dCD6os60QPj2g4HJODAUEm7_7XLci-s7lPIu1cdsdA
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01aMzhIS0wtMU4tSTRIOA==&google_push=AQvitUIJuskteh0Mter-lNQrKELEZkIgfWDdd0Kc8pP0H5ZpkGJfjiU7dCD6os60QPj2g4HJODAUEm7_7XLci-s7lPIu1cdsdA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01aMzhIS0wtMU4tSTRIOA==&google_push=AQvitUIJuskteh0Mter-lNQrKELEZkIgfWDdd0Kc8pP0H5ZpkGJfjiU7dCD6os60QPj2g4HJODAUEm7_7XLci-s7lPIu1cdsdA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9466
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENJfkvwZnn_4HhPHMZG1Jxk&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENJfkvwZnn_4HhPHMZG1Jxk&google_push=AQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGXzpAAUL0Yq53UQPRDDdwAABKYAAAAB&google_push=AQvitUIfdrf___GLaNBEs4N4g-rmO8xDxzrwOv67VitZLV1uCMA5tFVCImBz35RiorHblTjm2j_KFGwN9CwxdWauqh...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGXzpAAUL0Yq53UQPRDDdwAABKYAAAAB&google_push=AQvitUIfdrf___GLaNBEs4N4g-rmO8xDxzrwOv67VitZLV1uCMA5tFVCImBz35RiorHblTjm2j_KFGwN9CwxdWauqhVdxzHSMg4&google_cver=1&google_gid=CAESENJfkvwZnn_4HhPHMZG1Jxk
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 01 Apr 2021 16:24:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGXzpAAUL0Yq53UQPRDDdwAABKYAAAAB&google_push=AQvitUIfdrf___GLaNBEs4N4g-rmO8xDxzrwOv67VitZLV1uCMA5tFVCImBz35RiorHblTjm2j_KFGwN9CwxdWauqhVdxzHSMg4&google_cver=1&google_gid=CAESENJfkvwZnn_4HhPHMZG1Jxk
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
459
Expires
Thu, 01 Apr 2021 16:24:04 GMT
trk
ag.innovid.com/ Frame 9466 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEB3YPoHK8kzegG2-BlN3n9U&google_cver=1&google_push=AQvitUIYS_SXUMMMxYohOhz_2T7RnUVgcj5Zm7HfG07l2khx4pQM8XJ6Ze8bttK3dPrMVCPUTEwPZ4xI1FikX5jrrodtOWh5uA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:04 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 9466 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6cVVjLAh9nQyttU8QEo-IQIqAUTY0YQ2rJO4XU0nlwQxBAqQS5HtCE0j8fXj0Y27uQzy1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:04 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
970x250_Crypto3_CYSEC.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/ Frame 0BCA 		427 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba7aaf4cd52d6cce9922da400ad02765ce9c4c758e16cec63193dabf2d5d118f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Wed, 31 Mar 2021 03:43:14 GMT
expires
Thu, 31 Mar 2022 03:43:14 GMT
last-modified
Tue, 30 Mar 2021 23:37:47 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
66356
age
132050
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 324A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CF8YFo_NlYM2_EcCKjuwP4Le7wA2v2IP1YaHSy_PXDfqd3KDUARABIMbayXlglYq4gsgHoAHq3IDRAsgBCakCsTt4pfpeqT6oAwHIA0iqBMQBT9Ar_yxr_5kSP_iE29VegwiQo6p13DK0Yv9QB_8z-4uPT9FVYjgJdfzKG3p5qquVTwVfTaJHkr05UOsxG2omXJ_99FIExacUFOtakKMoeYXHty22KwEqAZaRift1ez7pdamwjH_IQrdxlyvwAUcwHVE3DKOkSm6gjZmD6-CRHLEvzV-g-eigdQP8Am5nx-bgih3lvZeVflBMFD5es4EQWulAvbj3e1pr9Eg4HCB8uSexTCPlD9fwHzqwZhlFmKF3czBN5MAE2I3EnrQDkgUECAQYAZIFBAgFGASgBi6AB_6i_64BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENLPDdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi01NzM1MTI4Nzk4NTEyNjYx&sigh=bWAAImL_Ya8&template_id=419&tpd=AGWhJmvzvKOODbyprh3KfAUB5_USB0RKiDWXanUKdYDcV4VT5w
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 01 Apr 2021 16:24:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/ Frame 324A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7115
x-xss-protection
0
server
cafe
etag
12304503248286081012
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:21:30 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 324A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:22:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:22:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 324A 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017751739567"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36599
x-xss-protection
0
expires
Thu, 01 Apr 2021 16:24:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/ Frame 324A 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210329/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Apr 2021 16:15:31 GMT
l
www.google.com/ads/measurement/ Frame 324A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4rOtZqhxUB51FAH2hXZsSqXLPsXqgukopKoeusubolWM61FVl2duWj9sBQ-rSLF55xmKNBsOvNWLk8-w4CyAxex565A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame BE1A 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 04:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 02 Apr 2021 04:49:22 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BE1A 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 02 Apr 2021 13:07:30 GMT
HYPE-648.thin.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/ Frame BE1A 		53 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/HYPE-648.thin.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2baccefb5cede601d5fc018290c68a748e3199cf5c00cc77dbbf6491531d3592
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
187476
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23314
x-xss-protection
0
last-modified
Fri, 16 Aug 2019 15:12:27 GMT
server
sffe
date
Tue, 30 Mar 2021 12:19:28 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Mar 2022 12:19:28 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3091
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=1360150036&adf=2948748179&pi=t.ma~as.6837408304&w=944&fwrn=4&fwrnh=100&lmt=1617294242&rafmt=1&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242846&bpp=34&bdt=791&idt=124&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5725826493251&frm=20&pv=2&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6argjYLcWQ&p=https%3A//www.six9ja.com&dtd=165
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlUNUDsB_XTiipnFyDTZ3HWL9by217OugW-BC1l9IqYoCiXdv_vOBXhGhbPxEk; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 16:24:04 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 01-Apr-2021 17:24:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 16:24:04 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 16:24:04 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/ Frame B412 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/c2.jpg?1617143733365
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24cbca0ed88285ae9e7f36b5d44662d4cadd4ccdcc72e89c83b5291ce2950c11
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
132049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8487
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 23:37:47 GMT
server
sffe
date
Wed, 31 Mar 2021 03:43:15 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Mar 2022 03:43:15 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3604
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlUNUDsB_XTiipnFyDTZ3HWL9by217OugW-BC1l9IqYoCiXdv_vOBXhGhbPxEk; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 16:24:04 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 01-Apr-2021 17:24:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 16:24:04 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 16:24:04 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame B292 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
171e4490a3cc5595ef00086146585af13d272d4788e9ba28c5e311ed96e0d0e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 15:41:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2556
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20910
x-xss-protection
0
server
cafe
etag
12678503221648305187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 01 Apr 2021 16:41:28 GMT
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame 9E9E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&slotname=6837408304&adk=294907757&adf=3345755364&pi=t.ma~as.6837408304&w=540&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&psa=0&format=540x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1617294242880&bpp=8&bdt=824&idt=154&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=944x280&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=380&ady=1458&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Kpy6BsD6hM&p=https%3A//www.six9ja.com&dtd=160
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
23050
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Fri, 01 Apr 2022 09:59:54 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8A5B 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlUNUDsB_XTiipnFyDTZ3HWL9by217OugW-BC1l9IqYoCiXdv_vOBXhGhbPxEk; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 01 Apr 2021 15:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2558
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fischers-fritze-armband-leder-garnele-braun_320x100_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/ Frame BE1A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/fischers-fritze-armband-leder-garnele-braun_320x100_2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e35ffd892a450fd5b79c5e9b1bd04c86f891bcaf766b746f3c9eef8c4cec07b6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
309535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11292
x-xss-protection
0
last-modified
Fri, 16 Aug 2019 15:12:27 GMT
server
sffe
date
Mon, 29 Mar 2021 02:25:09 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Mar 2022 02:25:09 GMT
fischers-fritze-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/ Frame BE1A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/fischers-fritze-logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6cf8512c59dd4003d0bfda0972fea8429f16b1577b3a961280a199a2d76e05f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
19858
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1350
x-xss-protection
0
last-modified
Fri, 16 Aug 2019 15:12:27 GMT
server
sffe
date
Thu, 01 Apr 2021 10:53:06 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Apr 2022 10:53:06 GMT
fischers-fritze-manufaktur-armband_320x100_mood-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/ Frame BE1A 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/fischers-fritze-manufaktur-armband_320x100_mood-1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
950261b3ddb871d07dc7a78da69f24d94123004542abdc73692407b427436f70
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
309535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6627
x-xss-protection
0
last-modified
Fri, 16 Aug 2019 15:12:27 GMT
server
sffe
date
Mon, 29 Mar 2021 02:25:09 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Mar 2022 02:25:09 GMT
fischers-fritze-manufaktur-armband_320x100_mood-2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/ Frame BE1A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/fischers-fritze-manufaktur-armband_320x100_mood-2.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f0a768ef204a9a906b31362163a0ca29d23c42978abfe1842c6104ce1f39906
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
309535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3712
x-xss-protection
0
last-modified
Fri, 16 Aug 2019 15:12:27 GMT
server
sffe
date
Mon, 29 Mar 2021 02:25:09 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Mar 2022 02:25:09 GMT
fischers-fritze-manufaktur-armband_320x100_txt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/ Frame BE1A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/fischers-fritze-manufaktur-armband_320x100_txt.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4281bff9bc98326b9037d37a0991bc4130d9db3af0dbe6984e9e2ba2079fd9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
309535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1758
x-xss-protection
0
last-modified
Fri, 16 Aug 2019 15:12:27 GMT
server
sffe
date
Mon, 29 Mar 2021 02:25:09 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Mar 2022 02:25:09 GMT
fischers-fritze-armband-segeltau-garnele-rot_320x100_3-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/ Frame BE1A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/fischers-fritze-armband-segeltau-garnele-rot_320x100_3-1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db534bfdbc5b2683391e9ab78b1bcac3e0dad856e5a7196654d51839f859ba6a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
309535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11901
x-xss-protection
0
last-modified
Fri, 16 Aug 2019 15:12:27 GMT
server
sffe
date
Mon, 29 Mar 2021 02:25:09 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Mar 2022 02:25:09 GMT
fischers-fritze-armband-segeltau-garnele-schwarz_320x100_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/ Frame BE1A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/fischers-fritze-armband-segeltau-garnele-schwarz_320x100_1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d1c80c4a9e9c8ceac851d89cfdc4e75b8225f798aa15dc40fa84952cc6fd97e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
309535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10418
x-xss-protection
0
last-modified
Fri, 16 Aug 2019 15:12:27 GMT
server
sffe
date
Mon, 29 Mar 2021 02:25:09 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Mar 2022 02:25:09 GMT
fischers-fritze-entdecken_320x100_btn.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/ Frame BE1A 		556 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/fischers-fritze-entdecken_320x100_btn.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15932177755558868945/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6cc3606186ad37907132b3193f0a7798a1ea96a6f9f1f07d4ff393bab5f87f2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
309535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
0
last-modified
Fri, 16 Aug 2019 15:12:27 GMT
server
sffe
date
Mon, 29 Mar 2021 02:25:09 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Mar 2022 02:25:09 GMT
truncated
/ Frame 324A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f02a2c050f0e4b6c6e63f518455d7bcce1180051f05202a8010a495fb45b6f6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame B412 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
23050
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Fri, 01 Apr 2022 09:59:54 GMT
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 324A 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2d-ca63e8CFUCFgwcd4NsO2A&gqi=o_NlYIn8EPOL7_UP36CJoA0&layout=/sadbundle/%24csp%253Der3%24/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame BB5C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=670491075&pi=t.aa~a.4190803023~rp.4&w=290&lmt=1617294243&nsk=16cf3da6&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280&nras=3&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Gove1c5gKU&p=https%3A//www.six9ja.com&dtd=28
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
23050
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Fri, 01 Apr 2022 09:59:54 GMT
c3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/ Frame B412 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/c3.jpg?1617143733365
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c3b6a1bb44797d2090c3cd0df14e5930f21764bec666d2b642a7ce221a08380
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
132048
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8518
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 23:37:47 GMT
server
sffe
date
Wed, 31 Mar 2021 03:43:16 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Mar 2022 03:43:16 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0BCA 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 04:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 02 Apr 2021 04:49:22 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0BCA 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 02 Apr 2021 13:07:30 GMT
createjs-2015.11.26.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/libs/ Frame 0BCA 		186 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/libs/createjs-2015.11.26.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/970x250_Crypto3_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
132050
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49532
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 23:37:47 GMT
server
sffe
date
Wed, 31 Mar 2021 03:43:14 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Mar 2022 03:43:14 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D5C1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
25 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=123&adk=1489707140&adf=2211370454&pi=t.aa~a.3457073377~rp.4&w=290&lmt=1617294243&nsk=27250076&rafmt=11&pwprc=2532564415&psa=0&ad_type=text_image&format=290x123&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&pra=3&wgl=1&fa=26&dt=1617294243245&bpp=1&bdt=1189&idt=1&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0%2C944x280%2C290x123&nras=4&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=982&ady=1352&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y1CWDZxXdb&p=https%3A//www.six9ja.com&dtd=32
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlUNUDsB_XTiipnFyDTZ3HWL9by217OugW-BC1l9IqYoCiXdv_vOBXhGhbPxEk; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 16:24:04 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 01-Apr-2021 17:24:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 16:24:04 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 16:24:04 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/ Frame B412 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/c5.jpg?1617143733365
Requested by
Host: www.six9ja.com
URL: https://www.six9ja.com/biwom-ft-skales-jeje/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48bb8352a6dcfefa13c24ca11be58b98be7f6dd959147f65cff088117e5fe0b6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
132048
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7161
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 23:37:47 GMT
server
sffe
date
Wed, 31 Mar 2021 03:43:16 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Mar 2022 03:43:16 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 08B6 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzd8-2L-YM2oH4ZZYcNQymJcmcw0Mry61-Ik54nGgcyNpwFPnsqBjhuu0ohpKppbpR3iH2em-9RDAAL_HOr-viPxi_DhHPiLvI5LcQOoZ2jm0P1EtuiX6NZCt7aQ&sai=AMfl-YS0xOQn5XeysL0QfyP1HhTkWKh6OTGnKFW6CxB6xJRWY4T81p_ba5y1AV9J_DnUR9PVQbn7kSu8wSEM&sig=Cg0ArKJSzJpnJE3-SBZPEAE&id=osdim&mcvt=1126&p=289,328,532.3125,1272&mtos=1126,1126,1126,1126,1126&tos=1126,0,0,0,0&v=20210329&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1360150036&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617294243022&dlt=521&rpt=77&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B292 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kmz38hzx&ctx=2&gqid=o_NlYIn-Aq_M7_UP_PGOoAM&qqid=CNub68a63e8CFQeJdwodj18CRQ&met.6=6.1_Cg0YngUgRCoGCAQSAhABCg0Y0gYgYioGCAESAhABCgsY1wsgdioECAgSAAoLGIcNIFcqBAgHEgAKCxjeDSBXKgQICBIA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B292 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~kmz38i0m&ctx=2&gqid=o_NlYIn-Aq_M7_UP_PGOoAM&qqid=CNub68a63e8CFQeJdwodj18CRQ&met.4=fb.gy~lb.qb~ol.117~bdt.-rd~bpp.-49~idt.-7~dtd.-1~dt.-4h&met.3=422.m6~739.qc~740.ql_1~735.r6_2~555.rj~556.rj~422.ru~422.ru~740.rv~740.rv~740.rv~740.rw~740.rw~740.y7~738.111~740.11e~740.15d~740.1aa~113.1fh_5~112.1fg_7~246.1g3_2&met.1=1.kmz38gkh~6.0~7.0~8.0~9.0~10.0~12.1~13.ds~14.dt~15.e0~16.qc~17.qc~18.qd~19.111~20.111~21.117&met.7=CAUQCBgBMPEDOLsKaAFw8AN4p8UBgAH3xAGIAZn2BLABAbgBAw~CBcQBhgBIOAEKOAEMI4FOC5o5gRw_QR4mJYCgAGYlQKIAZiVArABAbgBAw~CBwQChgBIOAEKOAEMIcFOCdo5gRw9QR45zeAAcs3iAHriQGwAQG4AQM~CBwQChgBIOEEKOEEMIcFOCdo5wRw_AR4swqAAZcKiAHRE7ABAbgBAw~CBwQBhgBIOEEKOEEMIgFOCdo5wRw_AR4ugGAAUOIAUOwAQG4AQM~CCoQChgBIOEEKOEEMI0FOCw~CBwQChgBIOEEKOEEMIcFOCZo5wRw-wR4-yuAAd8riAGTZbABAbgBAw~CCEQBBgBIOcEKOcEMJYFOC9o6ARwkgV4FbABAbgBAw~CBwQChgBIOkEKOkEMIsFOCJo7QRwiAV4jFKAAe9RiAGZxwGwAQG4AQM~CCgQBRgBIMQGKMQGMMwHOIgBaMYHcMwHeLwBgAGRAYgBjwGwAQG4AQM~CCgQChgBINkKKNkKMJgMOL8BQNkKSN0KUN0KWMcLYPcKaMwLcPwLeNunAYABrqMBiAHHrwOwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8A5B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
156 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5735128798512661&output=html&h=280&adk=1818760845&adf=948552605&pi=t.aa~a.2550409821~rp.4&w=944&fwrn=4&fwrnh=100&lmt=1617294243&rafmt=1&to=qs&pwprc=2532564415&psa=0&format=944x280&url=https%3A%2F%2Fwww.six9ja.com%2Fbiwom-ft-skales-jeje%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1617294243245&bpp=2&bdt=1189&idt=-M&shv=r20210329&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D07dce75189c12507-22228a39f0ba00d4%3AT%3D1617294243%3ART%3D1617294243%3AS%3DALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw&prev_fmts=944x280%2C540x280%2C0x0&nras=2&correlator=5725826493251&frm=20&pv=1&ga_vid=84140124.1617294243&ga_sid=1617294243&ga_hid=606996059&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C44740079%2C44739387&oid=3&pvsid=3518599111769607&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=4fm2NrDDDL&p=https%3A//www.six9ja.com&dtd=23
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlUNUDsB_XTiipnFyDTZ3HWL9by217OugW-BC1l9IqYoCiXdv_vOBXhGhbPxEk; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 16:24:05 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 01-Apr-2021 17:24:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Apr 2021 16:24:05 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 01 Apr 2021 16:24:05 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/ Frame 0BCA 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/c1.jpg?1617143733365
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/libs/createjs-2015.11.26.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28e3c5ce90d833f2245c960fb702ddb9bc95c4d2c1708e5db0a4402a48282886
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
132050
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8769
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 23:37:47 GMT
server
sffe
date
Wed, 31 Mar 2021 03:43:15 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Mar 2022 03:43:15 GMT
csi
csi.gstatic.com/ Frame B292 		0
331 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~kmz38i0n&ctx=2&gqid=o_NlYIn-Aq_M7_UP_PGOoAM&qqid=CNub68a63e8CFQeJdwodj18CRQ&met.6=6.1_CgwY1w4gtQIqBAgHEgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame BE1A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
23051
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Fri, 01 Apr 2022 09:59:54 GMT
c2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/ Frame 0BCA 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/c2.jpg?1617143733365
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/libs/createjs-2015.11.26.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24cbca0ed88285ae9e7f36b5d44662d4cadd4ccdcc72e89c83b5291ce2950c11
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
132050
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8487
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 23:37:47 GMT
server
sffe
date
Wed, 31 Mar 2021 03:43:15 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Mar 2022 03:43:15 GMT
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame 0BCA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
23051
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Fri, 01 Apr 2022 09:59:54 GMT
c3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/ Frame 0BCA 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/c3.jpg?1617143733365
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/libs/createjs-2015.11.26.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c3b6a1bb44797d2090c3cd0df14e5930f21764bec666d2b642a7ce221a08380
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
132049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8518
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 23:37:47 GMT
server
sffe
date
Wed, 31 Mar 2021 03:43:16 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Mar 2022 03:43:16 GMT
csi
csi.gstatic.com/ Frame B292 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=4~kmz38i9z&ctx=2&gqid=o_NlYIn-Aq_M7_UP_PGOoAM&qqid=CNub68a63e8CFQeJdwodj18CRQ&met.6=6.1_CgsY5hEgUioECAcSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/ Frame 0BCA 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/images/c5.jpg?1617143733365
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16298299648599657255/970x250_Crypto3_CYSEC/libs/createjs-2015.11.26.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48bb8352a6dcfefa13c24ca11be58b98be7f6dd959147f65cff088117e5fe0b6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
132049
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7161
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 23:37:47 GMT
server
sffe
date
Wed, 31 Mar 2021 03:43:16 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Mar 2022 03:43:16 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210329&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d5c001e602a68cac688c46343921938a934f6aa125061b06337cbe4a90ec68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Apr 2021 16:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
csi
csi.gstatic.com/ Frame B292 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=5~kmz38ie5&ctx=2&gqid=o_NlYIn-Aq_M7_UP_PGOoAM&qqid=CNub68a63e8CFQeJdwodj18CRQ&met.6=6.1_CgsY1hIgVCoECAcSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210329/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5735128798512661&plah=www.six9ja.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:24:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 01 Apr 2021 16:24:05 GMT
csi
csi.gstatic.com/ Frame B292 		0
318 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=6~kmz38ihe&ctx=2&gqid=o_NlYIn-Aq_M7_UP_PGOoAM&qqid=CNub68a63e8CFQeJdwodj18CRQ&met.6=6.1_CgwYxRMgtAIqBAgHEgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5C53 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.six9ja.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.six9ja.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 01 Apr 2021 15:13:16 GMT
expires
Fri, 01 Apr 2022 15:13:16 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4250
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame 5C53 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 09:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
23052
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Fri, 01 Apr 2022 09:59:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210329&jk=3518599111769607&bg=!EBOlE1fNAAY56aLOOek7ACkAdvg8WqmcsdjSzL0Pz9WsM6srnLfD2ejhVhOEV0PNt3vhD7jPhS0k6QIAAAGFUgAAADJoAQcKAV5f1DnEso-0pgeRsei5l8scvH-kr5mnj8DcBZgfU5tSHdT04RmXAbcHJjTt_K5WWFDn98DB2uXiN1XOE12eNfgZNdSWjXUaIL6xaEOXsbnxUt0bImJg2oaP4SK7-vRhS5GLtk9s0eU6du87pNws3CLnQ_OaHnhS84xOfs3ZdM98bcRG_OvQl_Brl_hPXJc_WMl-aIB3TDm_SE9n6qSrOv1cAQvOS3Fsy7jnbEGWmFR0xQbb7YdrsIf7urPPjzvXVOfmuRwtYwBwGD1AAqI932OnZKxIzgQQ5Tip-rTwSvVIgeRqvtwY-o7KES4WZ5VSro3NNFAxMebF21FBuE2lHgBvYH92dbiQX3ROA5vwbUp9JrMX1qlg-jELvktQCPwhIYo5MxSmAK_t9keqXS2ogjMN-kLS8uni6wKEfiLJapGMsemtnGtPgyao3VZrN-4D9dYFeZb1CsvqWwtNfsIqoJkB03UWGG0oxPFe6O2JjIjw22n3a9kymt0lA8VHwQUNXYTj5nMPWNdt2bYt_R_4FqSYISpumdTZ1SyfL4zWWdHsnD9fHObKNzPtex6AHwdYrkqlaT9ZV-WxivT_fvJNEAR_l7_51bpg7nF1Z_sEvoT2rZXBx4KfJDSHkbEzWUrjh-NmC0asRylpyT7aHuKEUf5vr982YX65a6en_RU9dVTlKPqcW7OUMu_vqxxIwp3ttkUxMwycowgHpyJThE1FZinzgdJhS1HGGrGfjZATeVEM3-8FXJ2_wKtw9uFUVram5KL7b7sXh_AvimOkb_PhR6v_N93e3AdVRacwFBtivh-P9mBMNmF2xkaJ0GTMqyuFUDhh0FZM3klwiazGtdl7DfEu2MNbE-e-4Q1rsU2jrvlJieRoqRjGbepNDAUpb8zaKOWaklWBdtlTNCiFr1c-u_EFxPLVHN3Q008I23ApDUhdHRxK5jkB9Xixoe3WxlfuQ9DZu2s5TPgNOVFM36xulu6KdBQ3VbvjxjNW6DV0iqoBjQHnBlL5U-hRcrDdvpO29IWSRUFSdJyHizuikkAnsvpXexqUi9nOHrZF3u5bEGpCeNFgpQfQjsafN_T6WPiH3AQBfux6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.six9ja.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B292 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=7~kmz38iqv&ctx=2&gqid=o_NlYIn-Aq_M7_UP_PGOoAM&qqid=CNub68a63e8CFQeJdwodj18CRQ&met.6=6.1_CgsYkUcgMyoECAcSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:12 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B292 		0
44 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=8~kmz38nnb&ctx=2&gqid=o_NlYIn-Aq_M7_UP_PGOoAM&qqid=CNub68a63e8CFQeJdwodj18CRQ&met.6=6.1_CgwY10kguAEqBAgHEgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:12 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B292 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=9~kmz38o1c&ctx=2&gqid=o_NlYIn-Aq_M7_UP_PGOoAM&qqid=CNub68a63e8CFQeJdwodj18CRQ&met.6=6.1_CgsYskwgNSoECAcSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B292 		0
44 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=a~kmz38o5t&ctx=2&gqid=o_NlYIn-Aq_M7_UP_PGOoAM&qqid=CNub68a63e8CFQeJdwodj18CRQ&met.6=6.1_CgsYpk0gNCoECAcSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B292 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=b~kmz38oaa&ctx=2&gqid=o_NlYIn-Aq_M7_UP_PGOoAM&qqid=CNub68a63e8CFQeJdwodj18CRQ&met.6=6.1_CgsY3mcgYCoECAcSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Apr 2021 16:24:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| advanced_ads_ready function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| addComment object| metro undefined| $ function| jQuery function| ClipboardJS object| jQuery112404015579362527004 object| ButtonWebConfig object| ak_js object| commentForm undefined| replyRowContainer undefined| children function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __s object| instgrm object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUlUNUDsB_XTiipnFyDTZ3HWL9by217OugW-BC1l9IqYoCiXdv_vOBXhGhbPxEk
.six9ja.com/ Name: _gid
Value: GA1.2.205909862.1617294243
.six9ja.com/ Name: __gads
Value: ID=07dce75189c12507-22228a39f0ba00d4:T=1617294243:RT=1617294243:S=ALNI_MY6le4JRaJ6JniJINHNXHe3xo_MVw
.six9ja.com/ Name: _gat
Value: 1
.six9ja.com/ Name: _ga
Value: GA1.2.84140124.1617294243

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
alerts.brand24.com
app.brand24.com
c0.wp.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.agkn.com
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
i2.wp.com
image6.pubmatic.com
images.dmca.com
metro.co.uk
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
platform.instagram.com
rtb.openx.net
secure.gravatar.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.instagram.com
www.six9ja.com
142.250.185.98
142.250.186.34
142.250.186.98
151.139.242.29
18.196.98.222
184.30.24.241
185.36.169.152
185.64.190.78
192.0.66.24
192.0.77.2
192.0.77.37
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:802::200e
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82b::200e
2a00:1450:4019:80d::2003
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
2a04:fa87:fffe::c000:4902
2a05:d01c:1d8:8100:1c45:c4d6:f2b8:9306
35.227.252.103
45.93.125.48
46.248.167.111
69.173.144.139
03ba5c7cf6b680cfb496edf8c03f568aee99b4fd0143bb484a21d233a700e8a3
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
0574d0dce2568ae38cbae366dd7384db15440f367fab67cbb92da01731d7f9de
0670cbb2ae61662de9d5ce521c8541d4280c78c0c0b0c69ec8ca5f10b22ef0a8
091e4dc60333ac414748b055b5e88170485ff8d63d624959cb31056aa9f5187d
0ac6cc258fdfc63e2665edbc37f487f2170bc5ae26364dbf8b03b6ad7717536f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e478163739cb83e1824b04ec47007afc3472f6d695ee5f3e673f6b0ff6bff8d
171e4490a3cc5595ef00086146585af13d272d4788e9ba28c5e311ed96e0d0e2
1772d8068cd4a6eb158e9a594a8cd36ed2d1e431e02fb89329b78674d5e24f5d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
223dbeaf95c21e29aad42c8656d9ad41dbe9497df36c95118158609625d95c53
24cbca0ed88285ae9e7f36b5d44662d4cadd4ccdcc72e89c83b5291ce2950c11
28e3c5ce90d833f2245c960fb702ddb9bc95c4d2c1708e5db0a4402a48282886
2b20365f044bf5e7ea42d8feda4fbc0e013bbf47f6360e449c14000bb42a01a5
2baccefb5cede601d5fc018290c68a748e3199cf5c00cc77dbbf6491531d3592
2f02a2c050f0e4b6c6e63f518455d7bcce1180051f05202a8010a495fb45b6f6
30bcdfeca28c11917d55c6fe13e3463ab3f1588939ac14f46bd4cdaed2b80689
311e18f635513141cf583a4fa0ac2828f450c8197eb57853475194676faaebe2
36b3f5a93d27d7519d736f048f2bf91c98c39620ca8795152c0b8286040cc975
3c8188db62816e6aa39e67913027e143a9ea4a89c27e51940495f971e637f8a8
3d1c80c4a9e9c8ceac851d89cfdc4e75b8225f798aa15dc40fa84952cc6fd97e
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
48bb8352a6dcfefa13c24ca11be58b98be7f6dd959147f65cff088117e5fe0b6
4c131a74d2f424e29ffb16d2b03fec20e3f0cae46c4f0aff594cdc8ade80c3ca
4d12d3b2191bfc36ec70e2d3cf1671cb0c4d775a52666e4e8ca252bc695a58c7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fe4c531ad07f47424e59d53aa3de2aaa74016f28b67fe5b42f15fb5656f2f5d
5447c58d256bdad7e05a7b9a29b4321797875b6fbca9285cdc5f313055ea4695
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
57f384548bea4d1b08f7f76fc17fd9946ab6da5d5827180ca9775f80e16dfdba
5afbda5418a2e55db38f1c6a553a5e199d357c943566ffcb29a42826c16edfd4
5b8a928f4f3f10dfaa0dbd56759845df77c19a0dcf0746313e187937ad50990f
5c3b6a1bb44797d2090c3cd0df14e5930f21764bec666d2b642a7ce221a08380
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
66c0077eef618bd8250af1ae8b23c42cf5579ce34b443ecc681f44b1000e09ba
677aa9dee78a5460da047f56435e017928741ca64725a1610bcff656d7dfa6c5
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b4281bff9bc98326b9037d37a0991bc4130d9db3af0dbe6984e9e2ba2079fd9
6fead81d343f693107904c5577dfd9642bb6ec751e305860c940fdcb5e6c4ae8
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74acf95799c9a52c402ca83d810ff8acb201722fae42f5cd42170c15d120cff0
7c1725b114b05a35311914eda9267b46175efe2f6b5cc2f02dccca29f041c7f9
7c207e04d129700834b60ba280b807a50abde8f92aa41d56625b71d12a452b0a
7d04f71980a71ec94212af76cfe6f70e561b0cd191a0031ee614205a48a1b6be
7d5c001e602a68cac688c46343921938a934f6aa125061b06337cbe4a90ec68a
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
7f0a768ef204a9a906b31362163a0ca29d23c42978abfe1842c6104ce1f39906
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
8524acfa6fed131b8a58e0e575e95a9cc3bbbb89b68da2d787451a41d80ddd72
86e32c9744cda0851f4d4058fb9456377df7aca82b8fe5362a90569bd6b0181d
87f8949474cd91befeb181b57d5a23ed43de14241d24de3f671b36eedb7c4d32
895f1ced1e3a52178396e7b7b53815574c73553fb39b55ed08cc7cf6e47b49ab
8c5b2233a1490990c490c6f5d67d44286716438a18236489bc17d37fb55ca174
8ed4a45959c8f6bcf187a0b3152adfb602091cb23d0f4f7bc2ee900b4f9c07dd
92f037cd9be94ba043d27e8933498bf3bf0184b968ae7493ec30b1d65110a29d
950261b3ddb871d07dc7a78da69f24d94123004542abdc73692407b427436f70
95c559e292078efb159e4c9b2eaa2bef6511671bb0f04b83da335ec676983add
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
98266fe3b7307262c82f1e7813c263dfe9e3c89bf746203b0b452e9bebb15a85
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e8dfa52c19fc0bf5755290f2333cd03ae1636b633bc89749acec72ea1beb23c
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab21fef3ac4ee12ebb305942f85de99b290b8a24654c69060e54673d5f3a11f2
ac5146f7b88a90b462afbd3a689ec439b49751b4246035c9a3e661b1a46aa1a9
b6cc3606186ad37907132b3193f0a7798a1ea96a6f9f1f07d4ff393bab5f87f2
ba7aaf4cd52d6cce9922da400ad02765ce9c4c758e16cec63193dabf2d5d118f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf73cd609ddd82653a89fc23817d8be234f8e810d8d8990c5e003c7f47a2411a
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6cf8512c59dd4003d0bfda0972fea8429f16b1577b3a961280a199a2d76e05f
db534bfdbc5b2683391e9ab78b1bcac3e0dad856e5a7196654d51839f859ba6a
dd4811a3c25a19829a79400d6b25cef019ceb6bed8ceddc2f5ba320ff576aa94
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e35ffd892a450fd5b79c5e9b1bd04c86f891bcaf766b746f3c9eef8c4cec07b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8e8e378320ab484ce019771e2bcf33333e07e8c18273ca91296496827a2024f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
f08484455172d31ef5c551a8228f73cd46f334707d09677aa3e53d73483a8c9c
f19b2b7a7f705f29b8b651aa204ac34d25bcaa85945f831ce49ec9c846645ad7
f2beb70af9e911540e9b3f26957562493dfd86e571b06a07ab680f607d54a7d3
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f87dea1989dd5439139cc3ac93b9bd6c8555e4b265ddfb4df8428770e45afd9c
f8c265ace563dbb07896bec0a04493345fc40ace8853199e3c33775a02389caf
fe72e710fa08ea724842080b779a946a2ef297a1337c14e53423fc53269fe98f