9japaypal.com Open in urlscan Pro
185.141.190.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.9japaypal.com/
Effective URL:
https://9japaypal.com/
Submission: On August 26 via api (August 26th 2021, 4:01:51 pm UTC) from US

Summary HTTP 100 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 14 domains to perform 100 HTTP transactions. The main IP is 185.141.190.66, located in United States and belongs to A2HOSTING, US. The main domain is 9japaypal.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 25th 2021. Valid for: 3 months.

This is the only time 9japaypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	185.141.190.66 185.141.190.66	55293 (A2HOSTING) (A2HOSTING)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
5	35.156.27.17 35.156.27.17	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
100	21

33 185.141.190.66 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: 185.141.190.66.static.supercp.com

www.9japaypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9japaypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.156.27.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-27-17.eu-central-1.compute.amazonaws.com

www.ngnrates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	9japaypal.com 1 redirects www.9japaypal.com 9japaypal.com	2 MB
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	349 KB
13	doubleclick.net googleads.g.doubleclick.net static.doubleclick.net	186 KB
6	google.com 2 redirects adservice.google.com www.google.com	899 B
5	ngnrates.com www.ngnrates.com	179 KB
3	googletagservices.com www.googletagservices.com	102 KB
3	google-analytics.com www.google-analytics.com	39 KB
3	gstatic.com fonts.gstatic.com	70 KB
2	google.de adservice.google.de	1018 B
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	googleadservices.com partner.googleadservices.com	660 B
1	googletagmanager.com www.googletagmanager.com	40 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
100	14

	Domain	Requested by
32	9japaypal.com	9japaypal.com
19	tpc.googlesyndication.com	9japaypal.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com 9japaypal.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	9japaypal.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.ngnrates.com	9japaypal.com www.ngnrates.com
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	static.doubleclick.net	googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.ngnrates.com
3	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	fonts.googleapis.com	9japaypal.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	9japaypal.com
1	stats.wp.com	9japaypal.com
1	www.googletagmanager.com	9japaypal.com
1	maxcdn.bootstrapcdn.com	9japaypal.com
1	www.9japaypal.com	1 redirects
100	19

This site contains links to these domains. Also see Links.

Domain
www.ngnrates.com

Subject Issuer	Validity	Valid
9japaypal.com cPanel, Inc. Certification Authority	`2021-08-25` - `2021-11-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
www.ngnrates.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-16` - `2022-11-14`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://9japaypal.com/
Frame ID: 6A8FB6E6BA15A4905EEDEAE3ED151AE6
Requests: 54 HTTP requests in this frame

Frame: https://www.ngnrates.com/currency-converter/widget
Frame ID: 9A019ACD88C74038738D96C2041B7313
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210823/r20190131/zrt_lookup.html
Frame ID: 6E2223D55BC614AD346FCD8705589921
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&adk=1812271804&adf=3025194257&lmt=1629993691&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2F9japaypal.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993690756&bpp=3&bdt=355&idt=235&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8745212543174&frm=20&pv=2&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284
Frame ID: C7F76D1E3765F2C7FE484BB24B030CD8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=600&adk=241328492&adf=3582897403&pi=t.aa~a.3233537607~rp.4&w=294&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=294x600&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=3&bdt=1135&idt=-M&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=1216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vOobe9CpE1&p=https%3A//9japaypal.com&dtd=32
Frame ID: 44FB2BFAAB823FE9533D7F5DE6843BE6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=240&adk=3859362167&adf=3784567859&pi=t.aa~a.3059151465~rp.2&w=254&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=254x240&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=1&bdt=1136&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C294x600&nras=3&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1016&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=n063hRMV84&p=https%3A//9japaypal.com&dtd=40
Frame ID: 5094CB64D766F5CF9FDDA06B51D0FFD7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html
Frame ID: C50C423342DBBD28D79E27937937BB84
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CP5kp27onYZHJJJWegQes8L6YBIiNzKtk5L_H2uYNku6whfYjEAEgiOv0igFglQKgAfjg9PoDyAEJqQJSS9SwqcGzPqgDAcgDSKoEvwFP0PzmzzpTRwRJHss_Rh414rvtwMaR6-f4MMhJT1-HCinw5ldN7gcbsAXIshvDsENItcyZbwFKjHKtSRI0dea4zFkj9cXRkKDIy6mKcTOi_qz_CtF270YnRfjfTuHmVdn6xhGpND1m5WDdo5en5I_c4AKwHrT5dWuRKGEgOhFP5zfw_9ywCW2gXi1aJyk4kBFniExb3njkrN7qVeXOZCjAq2QVfrFCPgc-HayrHWG8lwt0d1DpTDylUrIdWaKIxcAEtZrDtMIDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_CeiwWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEIfuCdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAESFHB1Yi0xNjg2MDk4NTg0NjY4NzYxGAA&sigh=yAcDW6vG09c&template_id=419
Frame ID: EB3FD98B6D0DB930F54E7456E4CCD04A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 38ECAB549A8D8639112FE476648A92BE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 324D51554D375C265234F5706715829A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js
Frame ID: F5ECE28F7D77E6CC699C2E9B4F4CF26D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6B0E7B2B309C169E1853F0DB05DB394F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61DACBFC8D4E5936812FD914E5377010
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.9japaypal.com/ HTTP 301
https://9japaypal.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

100
Requests

100 %
HTTPS

80 %
IPv6

14
Domains

19
Subdomains

21
IPs

2
Countries

3364 kB
Transfer

6045 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ngnrates.com/
Title: Daily Naira Rates on 9japaypal.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.9japaypal.com/ HTTP 301
https://9japaypal.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

100 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
9japaypal.com/
Redirect Chain

https://www.9japaypal.com/
https://9japaypal.com/

76 KB
16 KB

1253ms
1189ms

Document
text/html

185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache / PHP/7.2.34

Resource Hash

f1e1c4b018d72dcd5272ce7820cb78f135fb878711515d7e48b251c3a3718749

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: 9japaypal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:29 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
X-UA-Compatible: IE=edge
Link: <https://9japaypal.com/wp-json/>; rel="https://api.w.org/", <https://9japaypal.com/wp-json/wp/v2/pages/238>; rel="alternate"; type="application/json", <https://9japaypal.com/>; rel=shortlink
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Content-Length: 15397
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 26 Aug 2021 16:01:27 GMT
Server: Apache
X-Powered-By: PHP/7.2.34
X-UA-Compatible: IE=edge
X-Redirect-By: WordPress
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://9japaypal.com/
Referrer-Policy: no-referrer-when-downgrade
Content-Length: 0
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK autoptimize_d2926453ada0e5136395e2b585347f19.css
9japaypal.com/wp-content/cache/autoptimize/css/ 780 KB
154 KB 54ms
45ms Stylesheet
text/css 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

c197be9b52531e532c94fece60ee556c0f4edea41d496c95c7875460715676ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 25 Aug 2021 08:31:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "c2f6a-5ca5e12de9859-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Expires: Tue, 16 Aug 2022 16:01:30 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 21ms
19ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.7.2

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 9125915
cdn-cachedat: 2021-05-13 03:01:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 046fb5160f8288f8e4ef786cfc38ee95
cf-ray: 684e47750870434b-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 415 B
440 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IM+Fell+French+Canon+SC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i&subset=latin&ver=5.7.2

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

228f0cc52066fcd6faebea2fedd1f09b1598f652b10ba7fcde51d44bbc165634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 16:01:30 GMT
server: ESF
date: Thu, 26 Aug 2021 16:01:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Aug 2021 16:01:30 GMT

GET
H/1.1 200
OK autoptimize_single_2c9e38fdad6084a78877fc7b018d185f.css
9japaypal.com/wp-content/cache/autoptimize/css/ 1011 B
915 B 98ms
35ms Stylesheet
text/css 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_single_2c9e38fdad6084a78877fc7b018d185f.css?ver=1602298812

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

81314bcde79f0ba3305d5199158bc537dff6ceee88f49516fabbe9bb6c787bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 345
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 25 Aug 2021 08:31:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "3f3-5ca5e12dc8902-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Expires: Tue, 16 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK autoptimize_single_c1587c37cb07d33dcbada25b5c5c2dce.css
9japaypal.com/wp-content/cache/autoptimize/css/ 8 KB
1 KB 98ms
35ms Stylesheet
text/css 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_single_c1587c37cb07d33dcbada25b5c5c2dce.css?ver=1602298812

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

fa2eba553dc7fe5f4c24de7396a340a437f3901928ef6de7e2750c37bfb557c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 782
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 25 Aug 2021 08:31:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2197-5ca5e12dc94ba-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Expires: Tue, 16 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK autoptimize_single_42b33ef07114ffad085a151e62802625.css
9japaypal.com/wp-content/cache/autoptimize/css/ 5 KB
1 KB 100ms
36ms Stylesheet
text/css 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_single_42b33ef07114ffad085a151e62802625.css?ver=1626172072

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

672a49d934074051f8bf978911a8722276fa159cceecb17d83e56e108e2805c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 548
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 25 Aug 2021 08:31:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "12c0-5ca5e12dca072-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Expires: Tue, 16 Aug 2022 16:01:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 42 KB
2 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7.2

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 15:33:44 GMT
server: ESF
date: Thu, 26 Aug 2021 16:01:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Aug 2021 16:01:30 GMT

GET
H/1.1 200
OK jquery.min.js Show response
9japaypal.com/wp-includes/js/jquery/ 87 KB
31 KB 109ms
43ms Script
application/x-javascript 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://9japaypal.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 30916
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 16 Mar 2021 14:28:06 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "15d98-5bda82cc67226-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-179187549-1

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c45b4d9e5b4d77ba26862157dd0b9e4d52d61ffa37d897b1a6d21ecce89f6235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41234
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Aug 2021 16:01:30 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 71ms
49ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6aada20fd43e169cf66bccc397c5848368892f7920bd515452b8c3219f256be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49988
x-xss-protection: 0
server: cafe
etag: 3010167679272132319
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Aug 2021 16:01:30 GMT

GET
H/1.1 200
OK cropped-LogoMakr_9MIo5J.png
9japaypal.com/wp-content/uploads/2020/10/ 4 KB
5 KB 40ms
37ms Image
image/png 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2020/10/cropped-LogoMakr_9MIo5J.png

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

65d4897f822321b026af9391f81aeeb7d17625b790318d64f9b455bedfeab1eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 4242
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Oct 2020 01:11:19 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "107b-5b16ef9d21440-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK USSD.png
9japaypal.com/wp-content/uploads/2021/06/ 5 KB
5 KB 42ms
40ms Image
image/png 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2021/06/USSD.png

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

07c80e7e21d1cd6fbabf605e3223b961745b390b4b7e341dcde9eb31de58849a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 4683
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 24 Jun 2021 13:00:04 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "143a-5c5829a083d80-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK money-services.jpg
9japaypal.com/wp-content/uploads/2021/07/ 41 KB
42 KB 43ms
41ms Image
image/jpeg 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2021/07/money-services.jpg

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

d06d0130752351092111d50d2b40c2006750758465ba4f5113c6ee5b51cbe847

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 42151
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Jul 2021 06:10:01 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "a4fd-5c6fb169c7443-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK mobile-money.jpeg
9japaypal.com/wp-content/uploads/2021/07/ 308 KB
309 KB 38ms
36ms Image
image/jpeg 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2021/07/mobile-money.jpeg

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

3d62a87e7d1d4b0f651eeadf4906bf639747f0860ad8aeecd8269e7e4502ea32

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Jul 2021 17:43:47 GMT
Server: Apache
ETag: "4d026-5c6f0a9d9e41f"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Content-Length: 315430
X-Content-Type-Options: nosniff
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK Fuel-price-nigeria.jpg
9japaypal.com/wp-content/uploads/2021/07/ 90 KB
91 KB 43ms
41ms Image
image/jpeg 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2021/07/Fuel-price-nigeria.jpg

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

0bbc88528657c36ea6a5266bb4ba58405c5d34022f4480265bd462c1f5096040

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 08 Jul 2021 09:38:10 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "169d3-5c69969bfe2c2-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=500
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK ussdt-crypto.jpg
9japaypal.com/wp-content/uploads/2021/07/ 13 KB
13 KB 39ms
39ms Image
image/jpeg 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2021/07/ussdt-crypto.jpg

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

f876826d7d1588f8d2f01e671b9b788d68b176ab51d2aaea26f0c64a15bf94cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 13134
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 07 Jul 2021 21:55:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "33bb-5c68f98b5baa4-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK fairmoney.jpg
9japaypal.com/wp-content/uploads/2021/07/ 6 KB
7 KB 37ms
36ms Image
image/jpeg 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2021/07/fairmoney.jpg

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

dc28014f904e3bf130ebcd1dc4242870f70d956375477a0b316ed743531de5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 6316
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sat, 03 Jul 2021 21:28:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "18a1-5c63ec1b16f14-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK Take-a-look-at-my-Canva-design.png
9japaypal.com/wp-content/uploads/2021/06/ 1 MB
1 MB 38ms
38ms Image
image/png 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2021/06/Take-a-look-at-my-Canva-design.png

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

df0645c7b74b5c9f004ff667f41f77c992f5f9645c4a8692c271acbdd7d47879

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 25 Jun 2021 15:54:51 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "11e3c3-5c59928fdb4dd-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK bitcoin31.png
9japaypal.com/wp-content/uploads/2021/03/ 111 KB
111 KB 38ms
38ms Image
image/png 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2021/03/bitcoin31.png

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

eb5b7ab2ceadf41bcfde962ba35afd9bad9ac6a4c5c4089cea7b0b96bd7e7e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 22 Mar 2021 14:57:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1ba15-5be2148cb9d0e-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK Excess_crude_account1.png
9japaypal.com/wp-content/uploads/2021/03/ 101 KB
102 KB 35ms
35ms Image
image/png 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2021/03/Excess_crude_account1.png

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

0cccbc85300e96fda113529a7fd67274ce970c77b4e2839f704e8c219d9647ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 19 Mar 2021 10:28:31 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "19543-5bde12d71e703-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK wp-polyfill.min.js Show response
9japaypal.com/wp-includes/js/dist/vendor/ 97 KB
34 KB 47ms
47ms Script
application/x-javascript 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://9japaypal.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 34241
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 28 Sep 2020 12:43:07 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "183ee-5b05f0223b00b-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H2 200 e-202134.js Show response
stats.wp.com/ 9 KB
3 KB 23ms
22ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202134.js
Requested by: Host: 9japaypal.com
URL: https://9japaypal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 26 Aug 2021 16:01:30 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 14 Aug 2022 17:35:36 GMT

GET
H/1.1 200
OK autoptimize_dceea6d1dc51bafe73cc5c5e2d12750e.js Show response
9japaypal.com/wp-content/cache/autoptimize/js/ 627 KB
168 KB 50ms
49ms Script
application/x-javascript 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://9japaypal.com/wp-content/cache/autoptimize/js/autoptimize_dceea6d1dc51bafe73cc5c5e2d12750e.js

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

afff128501f5a39909ff59f505d74b143e7c34b20bfce3ce22b272125539cda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 25 Aug 2021 08:31:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "9cb70-5ca5e12dc61f2-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
9japaypal.com/wp-includes/js/ 14 KB
5 KB 41ms
39ms Script
application/x-javascript 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://9japaypal.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 4662
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 16 Mar 2021 14:28:04 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "3795-5bda82ca9030a-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H2 200 widget Show response
www.ngnrates.com/currency-converter/ Frame 9A01 268 KB
36 KB 92ms
36ms Document
text/html 35.156.27.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ngnrates.com/currency-converter/widget
Requested by: Host: 9japaypal.com
URL: https://9japaypal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.156.27.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-27-17.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.1 / Express
Resource Hash: f96b10d6210322305a1d6e2ff19119ebf4e1b869e94748614b7ae2ed3599b12d

Request headers

:method: GET
:authority: www.ngnrates.com
:scheme: https
:path: /currency-converter/widget
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9japaypal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://9japaypal.com/

Response headers

server: nginx/1.12.1
date: Thu, 26 Aug 2021 16:01:30 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
content-language: en
etag: W/"42e76-2339411777"
set-cookie: connect.sid=s%3AR3ifvCNKlb1WB-ubk8unBU6cA36yph74.In6vEAtOzejL1K4ydCHr%2F2Z75mcmL0nzC%2Be0dgBjVmA; Path=/; HttpOnly
vary: Accept-Encoding
content-encoding: gzip

GET
H/1.1 200
OK Simple-Line-Icons.woff2
9japaypal.com/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/ 29 KB
30 KB 41ms
39ms Font
application/font-woff2 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://9japaypal.com/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://9japaypal.com
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css
Connection: keep-alive
Origin: https://9japaypal.com
Referer: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 30087
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "7570-5b1483023b345-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.7.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://9japaypal.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:00:34 GMT
x-content-type-options: nosniff
age: 219656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 03:00:34 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ 39 KB
39 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://9japaypal.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:42:56 GMT
x-content-type-options: nosniff
age: 184714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39440
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:03:59 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 12:42:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://9japaypal.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 12:23:16 GMT
x-content-type-options: nosniff
age: 185894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 12:23:16 GMT

GET
H/1.1 200
OK specta11-300x169.png
9japaypal.com/wp-content/uploads/2021/03/ 14 KB
14 KB 42ms
42ms Image
image/png 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2021/03/specta11-300x169.png

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

afc1cc7d2fc63ad886cb69d88acec1623bb534fac1196f2ed9a97cfd51f95975

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 13957
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 15 Mar 2021 15:37:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "366e-5bd95062d9dd3-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=499
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK Carbon-300x90.png
9japaypal.com/wp-content/uploads/2021/03/ 4 KB
4 KB 36ms
35ms Image
image/png 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2021/03/Carbon-300x90.png

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

68d20d0ca53ee64a997ed6c417ca0df180c43e5cd4f452268a17476abf34d7cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 3882
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 09 Mar 2021 14:14:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "f13-5bd1b2c8304d4-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=496
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK logo-done-300x75.png
9japaypal.com/wp-content/uploads/2020/06/ 5 KB
6 KB 50ms
37ms Image
image/png 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2020/06/logo-done-300x75.png

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

87c1b41600a9c528d58a7f0b39611ac2285b2c8e680723c4c63acff8e551aa69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 5345
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Oct 2020 01:40:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "14ca-5b16f6202fd73-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=496
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK wp-1601376005219..jpg
9japaypal.com/wp-content/uploads/2020/09/ 22 KB
18 KB 36ms
35ms Image
image/jpeg 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2020/09/wp-1601376005219..jpg

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

36ab1f0fe770ec29fd86c02ecec47e0f6a9cbbe1c6a809518df9dd07f8e58730

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 18322
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Oct 2020 01:10:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "58a1-5b16ef6b0efb9-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK wp-1601289545735.png
9japaypal.com/wp-content/uploads/2020/09/ 28 KB
28 KB 40ms
39ms Image
image/png 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2020/09/wp-1601289545735.png

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

59f23837d2c9021f768c3314e658ed2316dd60a0ec38cbd2166bfdbc9fedf53c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 28427
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Oct 2020 01:10:01 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "6fe1-5b16ef533703e-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=498
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 21ms
21ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.0&blog=180751550&post=238&tz=0&srv=9japaypal.com&host=9japaypal.com&ref=&fcp=0&rand=0.7361546212161683
Requested by: Host: 9japaypal.com
URL: https://9japaypal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:30 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/ 252 KB
93 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1686098584668761&plah=9japaypal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b0cdd883ba5aba9619606b07e5354d7a7d02c613f16304b2be6f14382142a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95603
x-xss-protection: 0
server: cafe
etag: 14975429524352139583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 26 Aug 2021 16:01:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210823/r20190131/ Frame 6E22 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210823/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210823/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9japaypal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://9japaypal.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 25 Aug 2021 20:25:52 GMT
expires: Wed, 08 Sep 2021 20:25:52 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 70538
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179187549-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4166
date: Thu, 26 Aug 2021 14:52:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 26 Aug 2021 16:52:04 GMT

GET
H/1.1 200
OK ajax-loader.gif
9japaypal.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 4 KB
4 KB 41ms
40ms Image
image/gif 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ajax-loader.gif

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css
Connection: keep-alive
Referer: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 3325
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 01 Oct 2020 12:46:32 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1052-5b09b67e43ced-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/gif
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=497
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK arrow-left.png
9japaypal.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 441 B
968 B 42ms
42ms Image
image/png 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/arrow-left.png

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

144dfc7f3c8315d272c4dc03429633b1b6766e898302f6ff059e7df0cf8c9021

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css
Connection: keep-alive
Referer: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 397
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 01 Oct 2020 12:46:32 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1b9-5b09b67e440d5-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=496
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK arrow-right.png
9japaypal.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 433 B
970 B 35ms
35ms Image
image/png 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/arrow-right.png

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

cab8a95ca8e2bf48b0f4e16f3b1298fbb408d416e575b6bb0b766a48d6ec7e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css
Connection: keep-alive
Referer: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 399
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 01 Oct 2020 12:46:32 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1b1-5b09b67e43ced-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=496
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK slick.woff
9japaypal.com/wp-content/themes/oceanwp/assets/fonts/slick/ 1 KB
2 KB 35ms
35ms Font
application/font-woff 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://9japaypal.com/wp-content/themes/oceanwp/assets/fonts/slick/slick.woff

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://9japaypal.com
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css
Connection: keep-alive
Origin: https://9japaypal.com
Referer: https://9japaypal.com/wp-content/cache/autoptimize/css/autoptimize_d2926453ada0e5136395e2b585347f19.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 1343
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "564-5b1482ff1fcc6-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/font-woff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=495
Expires: Fri, 26 Aug 2022 16:01:30 GMT

GET
H/1.1 200
OK how-to-withdraw-bitcoin-nigeria-300x169.jpeg
9japaypal.com/wp-content/uploads/2020/12/ 11 KB
11 KB 39ms
37ms Image
image/jpeg 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2020/12/how-to-withdraw-bitcoin-nigeria-300x169.jpeg

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

08b2c6304ee68874316f87193fcae0bb31d29d8b7ab9b648cd68593f6cd80a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:31 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 18 Dec 2020 06:05:24 GMT
Server: Apache
ETag: "2bbf-5b6b6e4ef0728"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Strict-Transport-Security: max-age=63072000; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=494
Content-Length: 11199
X-Content-Type-Options: nosniff
Expires: Fri, 26 Aug 2022 16:01:31 GMT

GET
H/1.1 200
OK DWDgcsjXkAErBiy-1-scaled-e1574088995720-300x111.jpg
9japaypal.com/wp-content/uploads/2020/07/ 8 KB
9 KB 40ms
37ms Image
image/jpeg 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9japaypal.com/wp-content/uploads/2020/07/DWDgcsjXkAErBiy-1-scaled-e1574088995720-300x111.jpg

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache /

Resource Hash

92a3b7dcf21015a0219bf3808bf50daf7cabe658e82d648eacfa5eb1454a312e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 8230
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Oct 2020 01:11:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "202b-5b16ef9939841-gzip"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=495
Expires: Fri, 26 Aug 2022 16:01:31 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=185773341&t=pageview&_s=1&dl=https%3A%2F%2F9japaypal.com%2F&ul=en-us&de=UTF-8&dt=Best%20online%20loans%20in%20Nigeria%2C%20payment%20tips%20and%20tricks-9japaypal.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=2073093242&gjid=651361708&cid=1081010891.1629993691&tid=UA-179187549-1&_gid=1174004567.1629993691&_r=1&gtm=2ou8p0&did=dZTNiMT&z=576254054

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 16:01:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://9japaypal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
660 B 100ms
44ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=9japaypal.com&callback=_gfp_s_&client=ca-pub-1686098584668761

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1686098584668761&plah=9japaypal.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

cfbc3c25913196c3a3c5eb38ee4d0a5845810a1a08cd4470feff95a1a7d7f747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 flags.png
www.ngnrates.com/assets/ Frame 9A01 89 KB
89 KB 23ms
22ms Image
image/png 35.156.27.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ngnrates.com/assets/flags.png
Requested by: Host: www.ngnrates.com
URL: https://www.ngnrates.com/currency-converter/widget
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.156.27.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-27-17.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: bd8048912f07fc82ed6e39d0f305a5d7cb1a84242e5db22545be05941306d915

Request headers

Referer: https://www.ngnrates.com/currency-converter/widget
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:31 GMT
last-modified: Sun, 23 Dec 2018 21:40:57 GMT
server: nginx/1.12.1
etag: "5c2000e9-1630b"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 90891
expires: Sat, 25 Sep 2021 16:01:31 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=9japaypal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Aug 2021 16:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=9japaypal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Aug 2021 16:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C7F7 21 KB
5 KB 465ms
465ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&adk=1812271804&adf=3025194257&lmt=1629993691&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2F9japaypal.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993690756&bpp=3&bdt=355&idt=235&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8745212543174&frm=20&pv=2&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a78f41d1e203564ecabcffea57922f076c345791518d37485d681c0e0cbb132a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1686098584668761&output=html&adk=1812271804&adf=3025194257&lmt=1629993691&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2F9japaypal.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993690756&bpp=3&bdt=355&idt=235&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8745212543174&frm=20&pv=2&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9japaypal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://9japaypal.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 26 Aug 2021 16:01:31 GMT
server: cafe
content-length: 5520
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Aug-2021 16:16:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 26 Aug 2021 16:01:31 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a52935114e24e8f2d5c6d33f048a4690635181cde1e030731351f91e80b4c884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629890992072652"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27633
x-xss-protection: 0
expires: Thu, 26 Aug 2021 16:01:31 GMT

GET
H2 200 jquery.min.js Show response
www.ngnrates.com/js/ Frame 9A01 95 KB
39 KB 23ms
22ms Script
application/javascript 35.156.27.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ngnrates.com/js/jquery.min.js
Requested by: Host: www.ngnrates.com
URL: https://www.ngnrates.com/currency-converter/widget
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.156.27.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-27-17.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://www.ngnrates.com/currency-converter/widget
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:31 GMT
content-encoding: gzip
last-modified: Sun, 27 May 2018 12:17:32 GMT
server: nginx/1.12.1
etag: W/"5b0aa1dc-17b8b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sat, 25 Sep 2021 16:01:31 GMT

GET
H2 200 bootstrap.min.js Show response
www.ngnrates.com/js/ Frame 9A01 36 KB
12 KB 25ms
24ms Script
application/javascript 35.156.27.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ngnrates.com/js/bootstrap.min.js
Requested by: Host: www.ngnrates.com
URL: https://www.ngnrates.com/currency-converter/widget
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.156.27.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-27-17.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://www.ngnrates.com/currency-converter/widget
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:31 GMT
content-encoding: gzip
last-modified: Sun, 27 May 2018 12:17:32 GMT
server: nginx/1.12.1
etag: W/"5b0aa1dc-90b5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sat, 25 Sep 2021 16:01:31 GMT

GET
H2 200 ngn_iframe_converter.js Show response
www.ngnrates.com/js/ Frame 9A01 7 KB
3 KB 25ms
24ms Script
application/javascript 35.156.27.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16
Requested by: Host: www.ngnrates.com
URL: https://www.ngnrates.com/currency-converter/widget
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.156.27.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-27-17.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 772ec792f20e0819b498767b59380026fe7cf698b42e3b07e2c9b856d508436e

Request headers

Referer: https://www.ngnrates.com/currency-converter/widget
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:31 GMT
content-encoding: gzip
last-modified: Fri, 07 Feb 2020 21:42:21 GMT
server: nginx/1.12.1
etag: W/"5e3dd9bd-1a32"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sat, 25 Sep 2021 16:01:31 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 9A01 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ngnrates.com
URL: https://www.ngnrates.com/currency-converter/widget

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ngnrates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4167
date: Thu, 26 Aug 2021 14:52:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 26 Aug 2021 16:52:04 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=9japaypal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Aug 2021 16:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=9japaypal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Aug 2021 16:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44FB 95 KB
30 KB 1125ms
1125ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=600&adk=241328492&adf=3582897403&pi=t.aa~a.3233537607~rp.4&w=294&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=294x600&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=3&bdt=1135&idt=-M&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=1216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vOobe9CpE1&p=https%3A//9japaypal.com&dtd=32

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a499d095c8c4aaaea31e4f3499749607adf89857c582d9497f0f09ac25c92385

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN3F5NeHz_ICFReN3godRDYEQg&gqi=27onYYqbI46W7_UPhLub2Ao&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1686098584668761&output=html&h=600&adk=241328492&adf=3582897403&pi=t.aa~a.3233537607~rp.4&w=294&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=294x600&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=3&bdt=1135&idt=-M&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=1216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vOobe9CpE1&p=https%3A//9japaypal.com&dtd=32
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9japaypal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://9japaypal.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN3F5NeHz_ICFReN3godRDYEQg&gqi=27onYYqbI46W7_UPhLub2Ao&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 26 Aug 2021 16:01:32 GMT
server: cafe
content-length: 30469
x-xss-protection: 0
set-cookie: IDE=AHWqTUmERmh3XOlj1ApsKaYSR0QABhZCgo1gvlAuUaL-zKJ-6u9qzs_vBRg3tvZ1_kI; expires=Tue, 20-Sep-2022 16:01:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 26 Aug 2021 16:01:32 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5094 120 KB
38 KB 885ms
885ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=240&adk=3859362167&adf=3784567859&pi=t.aa~a.3059151465~rp.2&w=254&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=254x240&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=1&bdt=1136&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C294x600&nras=3&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1016&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=n063hRMV84&p=https%3A//9japaypal.com&dtd=40

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60fcfc4cd8906194e73cc290c6fe68be148d821ad68ddd217ef71f96221908d7

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNGi5deHz_ICFRVP4AodLLgPQw&gqi=27onYZbYI-3P7_UP3NigyAM&layout=/sadbundle/%24csp%253Der3%24/10557135749935155174/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1686098584668761&output=html&h=240&adk=3859362167&adf=3784567859&pi=t.aa~a.3059151465~rp.2&w=254&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=254x240&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=1&bdt=1136&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C294x600&nras=3&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1016&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=n063hRMV84&p=https%3A//9japaypal.com&dtd=40
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9japaypal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://9japaypal.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNGi5deHz_ICFRVP4AodLLgPQw&gqi=27onYZbYI-3P7_UP3NigyAM&layout=/sadbundle/%24csp%253Der3%24/10557135749935155174/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 26 Aug 2021 16:01:32 GMT
server: cafe
content-length: 38612
x-xss-protection: 0
set-cookie: IDE=AHWqTUmEKCvQx9jSo5dcLcldMXu0eXmuP-U2rfbqeZI9fNHrX9pkMnVtymh56tECciM; expires=Tue, 20-Sep-2022 16:01:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 26 Aug 2021 16:01:32 GMT
cache-control: private

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/ Frame C50C 8 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52c02de7778e3d34c444a707aaed2c52bb4f82fbb0a7f4bcc5f618af0952856

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/10557135749935155174/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2594
date: Thu, 26 Aug 2021 01:57:25 GMT
expires: Fri, 26 Aug 2022 01:57:25 GMT
last-modified: Wed, 21 Apr 2021 15:14:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 50647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame EB3F 0
0 36ms
35ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP5kp27onYZHJJJWegQes8L6YBIiNzKtk5L_H2uYNku6whfYjEAEgiOv0igFglQKgAfjg9PoDyAEJqQJSS9SwqcGzPqgDAcgDSKoEvwFP0PzmzzpTRwRJHss_Rh414rvtwMaR6-f4MMhJT1-HCinw5ldN7gcbsAXIshvDsENItcyZbwFKjHKtSRI0dea4zFkj9cXRkKDIy6mKcTOi_qz_CtF270YnRfjfTuHmVdn6xhGpND1m5WDdo5en5I_c4AKwHrT5dWuRKGEgOhFP5zfw_9ywCW2gXi1aJyk4kBFniExb3njkrN7qVeXOZCjAq2QVfrFCPgc-HayrHWG8lwt0d1DpTDylUrIdWaKIxcAEtZrDtMIDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_CeiwWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEIfuCdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAESFHB1Yi0xNjg2MDk4NTg0NjY4NzYxGAA&sigh=yAcDW6vG09c&template_id=419

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=240&adk=3859362167&adf=3784567859&pi=t.aa~a.3059151465~rp.2&w=254&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=254x240&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=1&bdt=1136&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C294x600&nras=3&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1016&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=n063hRMV84&p=https%3A//9japaypal.com&dtd=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 26 Aug 2021 16:01:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210823/r20110914/ Frame EB3F 18 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210823/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=240&adk=3859362167&adf=3784567859&pi=t.aa~a.3059151465~rp.2&w=254&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=254x240&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=1&bdt=1136&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C294x600&nras=3&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1016&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=n063hRMV84&p=https%3A//9japaypal.com&dtd=40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 15:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Sep 2021 15:59:38 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/ Frame EB3F 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 15:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Sep 2021 15:54:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB3F 124 KB
38 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d57cbb2d62c0670a321f68eb85bbc1b920a69d42268be512f588f6f35c775268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629891004154027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38302
x-xss-protection: 0
expires: Thu, 26 Aug 2021 16:01:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/ Frame EB3F 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 15:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6213
x-xss-protection: 0
server: cafe
etag: 5878208181763659450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Sep 2021 15:55:20 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame EB3F 0
0 15ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPM0IJHJ166LDO9cmzYxVdF2BKb3bMl7UhmrBAsseoDbOkPxYUuasExGDqJ_2TpuwJ0lJXPSa1Vhs6C4OBnTvJTl49uA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=240&adk=3859362167&adf=3784567859&pi=t.aa~a.3059151465~rp.2&w=254&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=254x240&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=1&bdt=1136&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C294x600&nras=3&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1016&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=n063hRMV84&p=https%3A//9japaypal.com&dtd=40
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C50C 9 KB
3 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 16:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 26 Aug 2021 16:43:14 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C50C 26 KB
10 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 20:35:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69963
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 26 Aug 2021 20:35:29 GMT

GET
H3-29 200 background.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/ Frame C50C 8 KB
8 KB 7ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/background.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

103fa4c31311b3f1d7b1eb043472143fccd228492266141a1a44a5cdd9572de2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 5295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7967
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 15:14:30 GMT
server: sffe
date: Thu, 26 Aug 2021 14:33:17 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 14:33:17 GMT

GET
H3-29 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/ Frame C50C 897 B
923 B 7ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cbbd3be7af4254767cabe8b89e9240195c3c8ae86bcd6fa2dcd0987f28ffb22

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 118081
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 897
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 15:14:30 GMT
server: sffe
date: Wed, 25 Aug 2021 07:13:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Aug 2022 07:13:31 GMT

GET
H3-29 200 copytext.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/ Frame C50C 1 KB
1 KB 9ms
8ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/copytext.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b173ce83e26e33c2cc21710b5fe6980a06d8ea85d1c4508e817cb04e295c88

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 5295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 15:14:30 GMT
server: sffe
date: Thu, 26 Aug 2021 14:33:17 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 14:33:17 GMT

GET
H3-29 200 headline.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/ Frame C50C 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/headline.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b62d07851447c2930b4cffc1ab263fed9f2c3783164df5ab80ee59193db15e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 5295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 15:14:30 GMT
server: sffe
date: Thu, 26 Aug 2021 14:33:17 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 14:33:17 GMT

GET
H3-29 200 eyecatcher.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/ Frame C50C 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/eyecatcher.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

551e5d1f615f374e9e6dcd2cc055d821069465557990ab173998979ad7e57864

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 5295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1972
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 15:14:30 GMT
server: sffe
date: Thu, 26 Aug 2021 14:33:17 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 14:33:17 GMT

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/ Frame C50C 4 KB
4 KB 9ms
9ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10557135749935155174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e29aa4d3a5d4948809fcd1d7fd555cdb4714c019212b24824eea9e15ff999aa5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 5295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3632
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 15:14:30 GMT
server: sffe
date: Thu, 26 Aug 2021 14:33:17 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 14:33:17 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 38EC 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=240&adk=3859362167&adf=3784567859&pi=t.aa~a.3059151465~rp.2&w=254&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=254x240&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=1&bdt=1136&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C294x600&nras=3&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1016&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=n063hRMV84&p=https%3A//9japaypal.com&dtd=40
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmEKCvQx9jSo5dcLcldMXu0eXmuP-U2rfbqeZI9fNHrX9pkMnVtymh56tECciM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=240&adk=3859362167&adf=3784567859&pi=t.aa~a.3059151465~rp.2&w=254&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=254x240&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=1&bdt=1136&idt=1&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C294x600&nras=3&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1016&ady=1856&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=n063hRMV84&p=https%3A//9japaypal.com&dtd=40

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 26 Aug 2021 15:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame EB3F 0
463 B 66ms
43ms Other
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNGi5deHz_ICFRVP4AodLLgPQw&gqi=27onYZbYI-3P7_UP3NigyAM&layout=/sadbundle/%24csp%253Der3%24/10557135749935155174/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 16:01:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 38EC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmEKCvQx9jSo5dcLcldMXu0eXmuP-U2rfbqeZI9fNHrX9pkMnVtymh56tECciM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 26 Aug 2021 16:01:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 26-Aug-2021 17:01:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 26 Aug 2021 16:01:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 26 Aug 2021 16:01:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EB3F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ba960ea81478fbef01cf65b30d36c32b7d2a9675f903b07e8b46afe98855e4f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js Show response
pagead2.googlesyndication.com/bg/ Frame C50C 35 KB
13 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 12:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13427
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 12:51:19 GMT

GET
H3-29 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 44FB 84 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=600&adk=241328492&adf=3582897403&pi=t.aa~a.3233537607~rp.4&w=294&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=294x600&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=3&bdt=1135&idt=-M&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=1216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vOobe9CpE1&p=https%3A//9japaypal.com&dtd=32

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 13:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 27 Aug 2021 13:05:13 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210823/r20110914/ Frame 44FB 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210823/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 15:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Sep 2021 15:47:33 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/ Frame 44FB 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 15:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Sep 2021 15:47:11 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44FB 124 KB
37 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d57cbb2d62c0670a321f68eb85bbc1b920a69d42268be512f588f6f35c775268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629891004154027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38302
x-xss-protection: 0
expires: Thu, 26 Aug 2021 16:01:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/ Frame 44FB 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210823/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 15:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6213
x-xss-protection: 0
server: cafe
etag: 5878208181763659450
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Sep 2021 15:25:27 GMT

GET
H2 200 16205031257397664746_568893014072885787.png
static.doubleclick.net/dynamic/5/322568101/ Frame 44FB 28 KB
28 KB 7ms
6ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/322568101/16205031257397664746_568893014072885787.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d65843c3ad8aaa2ccc358e55005748ccabd9984f729c2c28db5639444c67f5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 21 Aug 2021 15:46:41 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 14:31:14 GMT
server: sffe
age: 432891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28620
x-xss-protection: 0
expires: Sun, 21 Aug 2022 15:46:41 GMT

GET
H2 200 9592430220413798323_10552479182413085641.png
static.doubleclick.net/dynamic/5/322568101/ Frame 44FB 37 KB
37 KB 13ms
12ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/322568101/9592430220413798323_10552479182413085641.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36b3f48dd401aaf9daf03276d11575d3be4e36be5f4732141b8ba54aa0bdf18b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 23:35:42 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 14:33:28 GMT
server: sffe
age: 145550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37833
x-xss-protection: 0
expires: Wed, 24 Aug 2022 23:35:42 GMT

GET
H2 200 16248356939153644460_7719505117827907787.png
static.doubleclick.net/dynamic/5/322568101/ Frame 44FB 43 KB
43 KB 17ms
17ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/322568101/16248356939153644460_7719505117827907787.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130e0f808b59f2dd5a57cc9c83c17b40cd8ceea68ccc04955cd0f1c1896c1e65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 21:17:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 14:32:48 GMT
server: sffe
age: 153816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43824
x-xss-protection: 0
expires: Wed, 24 Aug 2022 21:17:56 GMT

GET
H3-29 200 16958457649546660245
tpc.googlesyndication.com/simgad/ Frame 44FB 53 KB
53 KB 8ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16958457649546660245

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b17d7a0509ddd51d9d9a42a4feecd6f1788efe83a3387f69ec73248c113ab47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 03:25:20 GMT
x-content-type-options: nosniff
age: 218172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54574
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 13:40:04 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 03:25:20 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 44FB 0
0 30ms
30ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8zN327onYZ3sI5ea-gbE7JCQBNmAzLBk84Ws6JYO0KfMtt4JEAEgiOv0igFglQKgAaSh7NoDyAEJqQJSS9SwqcGzPqgDAcgDywSqBLYBT9ADevl11uwsx0Eu6kfz1Y6D1ofuqmzJRpGrVm0UAxbWlVybGAP3HdAxZJxFCs60n8RLyNfDftAs7rBMtLI0j7z_R92IguUlysOl8VEWQgP_E5yX72XYcP1s-wFGOod-FNMf6AynpUbc85AKtc0vMV3L6l6LzApkZtMq9PprEW7SoFDRxPpXJFMOy3SkSyU3e38TUrYFrlrrBE_A5fB-jESj8zOrPVcervu3QIz4AlwiClUeTm7ABMzGiLL0A5IFBAgEGAGSBQQIBRgEoAYugAej7LcEqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCAhg_SCAkIgOGAEBABGB-ACgHICwHYEw2IFALQFQGAFwGyFxwKGggBEhRwdWItMTY4NjA5ODU4NDY2ODc2MRgA&sigh=m-ZCGiG_MZk&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=600&adk=241328492&adf=3582897403&pi=t.aa~a.3233537607~rp.4&w=294&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=294x600&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=3&bdt=1135&idt=-M&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=1216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vOobe9CpE1&p=https%3A//9japaypal.com&dtd=32
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 26 Aug 2021 16:01:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 324D 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=600&adk=241328492&adf=3582897403&pi=t.aa~a.3233537607~rp.4&w=294&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=294x600&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=3&bdt=1135&idt=-M&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=1216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vOobe9CpE1&p=https%3A//9japaypal.com&dtd=32
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUmERmh3XOlj1ApsKaYSR0QABhZCgo1gvlAuUaL-zKJ-6u9qzs_vBRg3tvZ1_kI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1686098584668761&output=html&h=600&adk=241328492&adf=3582897403&pi=t.aa~a.3233537607~rp.4&w=294&fwrn=4&fwrnh=100&lmt=1629993691&rafmt=1&to=qs&pwprc=8278583418&tp=site_kit&psa=0&format=294x600&url=https%3A%2F%2F9japaypal.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629993691537&bpp=3&bdt=1135&idt=-M&shv=r20210823&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8745212543174&frm=20&pv=1&ga_vid=1081010891.1629993691&ga_sid=1629993691&ga_hid=185773341&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=996&ady=1216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44748553%2C31062297&oid=3&pvsid=961803692741856&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vOobe9CpE1&p=https%3A//9japaypal.com&dtd=32

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 26 Aug 2021 15:42:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 44FB 0
20 B 54ms
40ms Other
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN3F5NeHz_ICFReN3godRDYEQg&gqi=27onYYqbI46W7_UPhLub2Ao&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 16:01:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 324D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUmERmh3XOlj1ApsKaYSR0QABhZCgo1gvlAuUaL-zKJ-6u9qzs_vBRg3tvZ1_kI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 26 Aug 2021 16:01:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 26-Aug-2021 17:01:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 26 Aug 2021 16:01:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 26 Aug 2021 16:01:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 44FB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a61233d74bd895e736cf0a66a11e993a0598cc01bb7cf771a66d87f7e722660

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 21ms
20ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210823&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7f5371ea17682a9f67311e35bb4569638ef223cad423f4a98cf626cce893d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Aug 2021 16:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8528
x-xss-protection: 0

GET
H3-29 200 UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js Show response
pagead2.googlesyndication.com/bg/ Frame F5EC 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 12:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13427
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 12:51:19 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 16:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 26 Aug 2021 16:01:32 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6B0E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9japaypal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://9japaypal.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 26 Aug 2021 14:35:24 GMT
expires: Fri, 26 Aug 2022 14:35:24 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5168
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 61DA 783 B
531 B 18ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5cb8af58323b1969e3c400d1d8bc9c2bab6b25c61d446888ef10cb2c76c47e14

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XChcfzniSDar9nEGLyJWHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9japaypal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://9japaypal.com/

Response headers

expires: Thu, 26 Aug 2021 16:01:32 GMT
date: Thu, 26 Aug 2021 16:01:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XChcfzniSDar9nEGLyJWHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B0E 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UDeKqTBFYaEY2ioWtDs_l49rHnl3Z0jd0o7HlKSj4tA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 12:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13427
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Aug 2022 12:51:19 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 31ms
31ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210823&jk=961803692741856&bg=!EBOlE1fNAAYXVutgF1Y7ACkAdvg8Wsi5p_uKdDHhxqj5Flc-vHyfl6VgJ0P9sHaZgToWCeGchzTS6QIAAABtUgAAAA1oAQcKABZTSJQ6YKwQomcMHaB7Qc-NEtzmJag_mQJqvlpS-Vi2QXC132DMc4vCQQRAl-mB2ICzVKHCDSDeZ6d6P0zkWI3t8Fd0pWduAQlzSCZvevDruI7mnbdYiSkzGT7tgAzpYeoBjZ8e6-c2bL-k9diJpskrk8a-SCIXQ3VZ9q-FVdI1rL5vhTBzDaUEwWZKM2MVod0APhc-TZa2DtzDLnb4cu1ehGgbobfGgSUKee1smR0e1udsRrWQN1iVpp1caHQi2WjrExrpoWJLS_FFralSzXy7O-N01hXyhC1LrRVJUTAgPGphfDLgk9yIhXJ_1pi392wGSH1ECqZcIbTEPTz75Y9-K7FS-n_HJsDmd8FNboBQcvJhUtZ-0XwWGfYj59bZv_VlpvxqFACOJFJlI_UYEcvmy5wbHq7t2obILF_m1R_DhXycl6WkLih2ngaaL3SLxqb1K2CzxOeme5dDoKprjMlBin7wcIxsf_P0Fk80dVhNpeQ0XkL-OsTgsyQtaPgBXBFrVFtV8nxtxJfihFqa-sxS79xOobfgkDXRO_x7KpevuQILbbvX7URNDjlBndCTdICOR9BaIU_dIF1yswgK7rr8PJTnVzySPY1fa8vPP47RCaTW1IN6hQxx-HfuuLgi9_SfxctRCGmRx-LeVAncM-I0wBbOJtrB2fNHK9ScngIXTsJYkq_Wml7mEyBBmqBFNKsQ3JDBItSHBcGcTln9e801JmVZAqdiOv7W49-aZsyvzz8NtDahWF3wFm6m8aP_fY81pQMU0fdNJxAGcNQTwPL2kNpDx5eqNgbr0qj30ukD7_EHxoKruR-_pwSkpa3lELGegZsKNo6VqS8AIhNUUGTr_8et
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
9japaypal.com/ 76 KB
16 KB 1163ms
1100ms XHR
text/html 185.141.190.66
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://9japaypal.com/?mashsb-refresh

Requested by

Host: 9japaypal.com
URL: https://9japaypal.com/wp-content/cache/autoptimize/js/autoptimize_dceea6d1dc51bafe73cc5c5e2d12750e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.141.190.66 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

185.141.190.66.static.supercp.com

Software

Apache / PHP/7.2.34

Resource Hash

7837c0e6e812a8e425fa4143a270efe387cd7ef33149a0e60ea2caca8c773676

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: 9japaypal.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://9japaypal.com/
Connection: keep-alive
Referer: https://9japaypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:01:37 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Link: <https://9japaypal.com/wp-json/>; rel="https://api.w.org/", <https://9japaypal.com/wp-json/wp/v2/pages/238>; rel="alternate"; type="application/json", <https://9japaypal.com/>; rel=shortlink
X-Powered-By: PHP/7.2.34
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 15397
X-Content-Type-Options: nosniff
Keep-Alive: timeout=3, max=500
X-UA-Compatible: IE=edge

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 06:08:09	Name: IDE Value: AHWqTUmERmh3XOlj1ApsKaYSR0QABhZCgo1gvlAuUaL-zKJ-6u9qzs_vBRg3tvZ1_kI
			.doubleclick.net/	1970-01-19 20:46:37	Name: DSID Value: NO_DATA

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://9japaypal.com/wp-content/cache/autoptimize/js/autoptimize_dceea6d1dc51bafe73cc5c5e2d12750e.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://9japaypal.com/wp-content/cache/autoptimize/js/autoptimize_dceea6d1dc51bafe73cc5c5e2d12750e.js(Line 3) Message: not rate limited: 1629993719
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 154) Message: changed class: c-cl-1
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 155) Message: market: lagos
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 156) Message: pivot currency: USD
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 157) Message: to change currency: NGN
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 158) Message: pivotMult:1 pivotCurVal:522.0000 toChangeCurVal:1
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 159) Message: toChangeFinal: 522.0000
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 154) Message: changed class: c-cl-2
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 155) Message: market: lagos
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 156) Message: pivot currency: NGN
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 157) Message: to change currency: USD
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 158) Message: pivotMult:522.0000 pivotCurVal:1 toChangeCurVal:522.0000
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 159) Message: toChangeFinal: 1
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 154) Message: changed class: c-ml
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 155) Message: market: lagos
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 156) Message: pivot currency: USD
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 157) Message: to change currency: NGN
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 158) Message: pivotMult:1 pivotCurVal:522.0000 toChangeCurVal:1
console-api	debug	URL: https://www.ngnrates.com/js/ngn_iframe_converter.js?v=16(Line 159) Message: toChangeFinal: 522.0000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9japaypal.com
adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
static.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
www.9japaypal.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.ngnrates.com
142.250.184.226
185.141.190.66
192.0.76.3
2606:4700::6812:acf
2a00:1450:4001:802::2002
2a00:1450:4001:803::2006
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:813::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
35.156.27.17
07c80e7e21d1cd6fbabf605e3223b961745b390b4b7e341dcde9eb31de58849a
08b2c6304ee68874316f87193fcae0bb31d29d8b7ab9b648cd68593f6cd80a66
0bbc88528657c36ea6a5266bb4ba58405c5d34022f4480265bd462c1f5096040
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cccbc85300e96fda113529a7fd67274ce970c77b4e2839f704e8c219d9647ea
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
103fa4c31311b3f1d7b1eb043472143fccd228492266141a1a44a5cdd9572de2
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
130e0f808b59f2dd5a57cc9c83c17b40cd8ceea68ccc04955cd0f1c1896c1e65
144dfc7f3c8315d272c4dc03429633b1b6766e898302f6ff059e7df0cf8c9021
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a61233d74bd895e736cf0a66a11e993a0598cc01bb7cf771a66d87f7e722660
228f0cc52066fcd6faebea2fedd1f09b1598f652b10ba7fcde51d44bbc165634
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
30a949187cdd1c73e43b3bdee9398a9ae27f403a9481999fc9f5f946d8af0079
36ab1f0fe770ec29fd86c02ecec47e0f6a9cbbe1c6a809518df9dd07f8e58730
36b3f48dd401aaf9daf03276d11575d3be4e36be5f4732141b8ba54aa0bdf18b
38b62d07851447c2930b4cffc1ab263fed9f2c3783164df5ab80ee59193db15e
3d62a87e7d1d4b0f651eeadf4906bf639747f0860ad8aeecd8269e7e4502ea32
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50378aa9304561a118da2a16b43b3f978f6b1e79776748ddd28ec794a4a3e2d0
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
551e5d1f615f374e9e6dcd2cc055d821069465557990ab173998979ad7e57864
59f23837d2c9021f768c3314e658ed2316dd60a0ec38cbd2166bfdbc9fedf53c
5b17d7a0509ddd51d9d9a42a4feecd6f1788efe83a3387f69ec73248c113ab47
5cb8af58323b1969e3c400d1d8bc9c2bab6b25c61d446888ef10cb2c76c47e14
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60fcfc4cd8906194e73cc290c6fe68be148d821ad68ddd217ef71f96221908d7
65d4897f822321b026af9391f81aeeb7d17625b790318d64f9b455bedfeab1eb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
672a49d934074051f8bf978911a8722276fa159cceecb17d83e56e108e2805c0
68d20d0ca53ee64a997ed6c417ca0df180c43e5cd4f452268a17476abf34d7cd
6aada20fd43e169cf66bccc397c5848368892f7920bd515452b8c3219f256be6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
772ec792f20e0819b498767b59380026fe7cf698b42e3b07e2c9b856d508436e
7837c0e6e812a8e425fa4143a270efe387cd7ef33149a0e60ea2caca8c773676
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cbbd3be7af4254767cabe8b89e9240195c3c8ae86bcd6fa2dcd0987f28ffb22
81314bcde79f0ba3305d5199158bc537dff6ceee88f49516fabbe9bb6c787bfa
87c1b41600a9c528d58a7f0b39611ac2285b2c8e680723c4c63acff8e551aa69
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
92a3b7dcf21015a0219bf3808bf50daf7cabe658e82d648eacfa5eb1454a312e
94b173ce83e26e33c2cc21710b5fe6980a06d8ea85d1c4508e817cb04e295c88
9b0cdd883ba5aba9619606b07e5354d7a7d02c613f16304b2be6f14382142a7b
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9ba960ea81478fbef01cf65b30d36c32b7d2a9675f903b07e8b46afe98855e4f
9d65843c3ad8aaa2ccc358e55005748ccabd9984f729c2c28db5639444c67f5e
a499d095c8c4aaaea31e4f3499749607adf89857c582d9497f0f09ac25c92385
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52935114e24e8f2d5c6d33f048a4690635181cde1e030731351f91e80b4c884
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a78f41d1e203564ecabcffea57922f076c345791518d37485d681c0e0cbb132a
afc1cc7d2fc63ad886cb69d88acec1623bb534fac1196f2ed9a97cfd51f95975
afff128501f5a39909ff59f505d74b143e7c34b20bfce3ce22b272125539cda5
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
ba7f5371ea17682a9f67311e35bb4569638ef223cad423f4a98cf626cce893d7
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd8048912f07fc82ed6e39d0f305a5d7cb1a84242e5db22545be05941306d915
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c197be9b52531e532c94fece60ee556c0f4edea41d496c95c7875460715676ab
c45b4d9e5b4d77ba26862157dd0b9e4d52d61ffa37d897b1a6d21ecce89f6235
c52c02de7778e3d34c444a707aaed2c52bb4f82fbb0a7f4bcc5f618af0952856
cab8a95ca8e2bf48b0f4e16f3b1298fbb408d416e575b6bb0b766a48d6ec7e45
cfbc3c25913196c3a3c5eb38ee4d0a5845810a1a08cd4470feff95a1a7d7f747
d06d0130752351092111d50d2b40c2006750758465ba4f5113c6ee5b51cbe847
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d57cbb2d62c0670a321f68eb85bbc1b920a69d42268be512f588f6f35c775268
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
dbb80dcea54f7729198af5e295a98e3cacc3a66a7c308cda48625042944170b9
dc28014f904e3bf130ebcd1dc4242870f70d956375477a0b316ed743531de5d0
df0645c7b74b5c9f004ff667f41f77c992f5f9645c4a8692c271acbdd7d47879
e29aa4d3a5d4948809fcd1d7fd555cdb4714c019212b24824eea9e15ff999aa5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
eb5b7ab2ceadf41bcfde962ba35afd9bad9ac6a4c5c4089cea7b0b96bd7e7e3c
f1e1c4b018d72dcd5272ce7820cb78f135fb878711515d7e48b251c3a3718749
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f876826d7d1588f8d2f01e671b9b788d68b176ab51d2aaea26f0c64a15bf94cd
f96b10d6210322305a1d6e2ff19119ebf4e1b869e94748614b7ae2ed3599b12d
fa2eba553dc7fe5f4c24de7396a340a437f3901928ef6de7e2750c37bfb557c3
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

9japaypal.com Open in urlscan Pro 185.141.190.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

100 %HTTPS

80 %IPv6

14 Domains

19 Subdomains

21 IPs

2 Countries

3364 kBTransfer

6045 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

9japaypal.com Open in urlscan Pro
185.141.190.66 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

100 %
HTTPS

80 %
IPv6

14
Domains

19
Subdomains

21
IPs

2
Countries

3364 kB
Transfer

6045 kB
Size

2
Cookies

100 HTTP transactions
2 data transactions