urlscan.io logo urlscan.io
SecurityTrails logo

9xadda.com Open in urlscan Pro
15.235.3.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://9xadda.com/
Effective URL: https://9xadda.com/
Submission: On March 07 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 18 domains to perform 122 HTTP transactions. The main IP is 15.235.3.209, located in Canada and belongs to OVH, FR. The main domain is 9xadda.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 26th 2023. Valid for: 3 months.
This is the only time 9xadda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    15.235.3.209 (Canada)

ASN16276 (OVH, FR)
PTR: mail.servercpl.com
9xadda.com
8    2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:822::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
14    2607:f8b0:4006:822::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
9    2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2607:f8b0:4006:821::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
www.googletagservices.com
2    2607:f8b0:4006:808::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
2    2607:f8b0:4006:817::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
16    2607:f8b0:4006:80b::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
24    2607:f8b0:4006:809::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4006:816::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2606:ae80:1471:18::1370 (United States)

ASN25751 (VALUECLICK, US)
dclk-match.dotomi.com
7    172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f2.1e100.net
cm.g.doubleclick.net
1    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    34.201.238.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-238-83.compute-1.amazonaws.com
rtb.adentifi.com
2    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    23.22.253.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-253-69.compute-1.amazonaws.com
cc.adingo.jp
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
Apex Domain
Subdomains		 Transfer
39 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
438 KB
20 google.com
adservice.google.com — Cisco Umbrella Rank: 73
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1939
www.google.com — Cisco Umbrella Rank: 2
57 KB
16 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
142 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
141 KB
13 9xadda.com
9xadda.com
6 MB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
6 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
194 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 883
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
2 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2856
890 B
2 google.ca
adservice.google.ca — Cisco Umbrella Rank: 13896
696 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
111 KB
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 12162
521 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 5325
419 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1046
35 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 459
863 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 855
601 B
122 18
Domain Requested by
24 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
16 fundingchoicesmessages.google.com pagead2.googlesyndication.com
15 pagead2.googlesyndication.com 9xadda.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
13 9xadda.com 1 redirects 9xadda.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
9xadda.com
googleads.g.doubleclick.net
8 fonts.gstatic.com fonts.googleapis.com
8 fonts.googleapis.com 9xadda.com
googleads.g.doubleclick.net
7 cm.g.doubleclick.net googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 rtb.mfadsrvr.com 2 redirects
2 x.bidswitch.net 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.ca pagead2.googlesyndication.com
2 www.googletagmanager.com 9xadda.com
www.googletagmanager.com
1 im.bluevoox.com 1 redirects
1 cc.adingo.jp 1 redirects
1 rtb.adentifi.com googleads.g.doubleclick.net
1 sync.mathtag.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
122 23

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
www.linkedin.com
Subject Issuer Validity Valid
9xadda.com
cPanel, Inc. Certification Authority		 2023-02-26 -
2023-05-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh

This page contains 15 frames:

Primary Page: https://9xadda.com/
Frame ID: 535767D17C0BE2E2996ACB83F982692D
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/zrt_lookup.html
Frame ID: CC35E6F87BE59041B1C31A5B75CCFB31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6679085186571484&output=html&adk=1812271804&adf=3025194257&lmt=1678168157&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_r&format=0x0&url=https%3A%2F%2F9xadda.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171083660&bpp=3&bdt=409&idt=194&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7592414932826&frm=20&pv=2&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=228
Frame ID: 535B8D26ED8292FE5F4B6D60CB6A3243
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 786197C56ADA69A4A3DAC7F01A606F67
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0DE4C32D8145784A70C8AA76CF42E461
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Frame ID: 9EDE3CEB80BF5747E6615C3088457C37
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Frame ID: BBEAC0E1017D734B75C8F390CA9E2CFE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Frame ID: E929663D585A9BFD6E2272517561FCE7
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Frame ID: A25ED984B55277EBC3020230969C0560
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3A895F16E1B78F8E6DBB4036B8AC2C78
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Frame ID: 53B92339519010ED5824C9F2015D1970
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Frame ID: 5BB5A9BF305A62D450DCFE995F80B512
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Frame ID: 34E16A927CF4E2EAF9F647FE19966CE9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3DAFBC08C1BEFABE9460632FC8A8AC24
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Frame ID: F8C02BC33DE4CEA1B1E9E2C4A9686B1F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

9xADDA | Hindi Punjabi Songs Lyrics —

Page URL History Show full URLs

  1. http://9xadda.com/ HTTP 301
    https://9xadda.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

122
Requests

95 %
HTTPS

62 %
IPv6

18
Domains

23
Subdomains

16
IPs

2
Countries

7648 kB
Transfer

10079 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://9xadda.com/ HTTP 301
    https://9xadda.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMy7cWpIreyr6-_mdLCvvWs&google_cver=1&google_push=Aa02lx9HUPgVofXBE6CRpH3sroxQYNeOg4fXoujPE_BFkcPhDfLW5tsqAZu4H6FFdLtlVzKZcvH7nuqfnRvtI1NxnUoT03m9VPNb0jE HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=40172225017515f2&is_secure=true&networkId=14000&version=1&google_gid=CAESEMy7cWpIreyr6-_mdLCvvWs&google_cver=1&google_push=Aa02lx9HUPgVofXBE6CRpH3sroxQYNeOg4fXoujPE_BFkcPhDfLW5tsqAZu4H6FFdLtlVzKZcvH7nuqfnRvtI1NxnUoT03m9VPNb0jE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACIm6aHF-ERgNnAjb8AAAAAAA&expiration=1678257486&google_cver=1&is_secure=true&google_gid=CAESEMy7cWpIreyr6-_mdLCvvWs&google_push=Aa02lx9HUPgVofXBE6CRpH3sroxQYNeOg4fXoujPE_BFkcPhDfLW5tsqAZu4H6FFdLtlVzKZcvH7nuqfnRvtI1NxnUoT03m9VPNb0jE
Request Chain 102
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKHkuzDcrbxwvFz5VWzD0Nk&google_cver=1&google_push=Aa02lx_GYfinyw5Sds9AEVebzI5oR8fyS_2GiYdsiptxdqzIXVmmiL3YCAXi6VSJvw4aa0AMUPcFi7KDvj-rCqmpz0iDf1pfyN6oIg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_GYfinyw5Sds9AEVebzI5oR8fyS_2GiYdsiptxdqzIXVmmiL3YCAXi6VSJvw4aa0AMUPcFi7KDvj-rCqmpz0iDf1pfyN6oIg
Request Chain 104
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECSFrqs_SXR_g0IO-3kKSoo&google_cver=1&google_push=Aa02lx-O7X5yp-EgQH5YLwcP-wkbwd_VqQYIPmpo0VigZl_aFGefzux-rYbBcxo0e6tbX5JPbVXzR380v9lBFywzySh7jXntbO4Czo0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECSFrqs_SXR_g0IO-3kKSoo&google_cver=1&google_push=Aa02lx-O7X5yp-EgQH5YLwcP-wkbwd_VqQYIPmpo0VigZl_aFGefzux-rYbBcxo0e6tbX5JPbVXzR380v9lBFywzySh7jXntbO4Czo0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-O7X5yp-EgQH5YLwcP-wkbwd_VqQYIPmpo0VigZl_aFGefzux-rYbBcxo0e6tbX5JPbVXzR380v9lBFywzySh7jXntbO4Czo0&google_hm=mMBQ7wo2QCi2rLpUBNdrLw==
Request Chain 105
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEPSTPxRoJF6doWLN7qO7650&google_cver=1&google_push=Aa02lx8iq8o9AHenldKUqawJcNgw2xFLiXKqLW8RVvrTFCbWLb2f98JJJL3OfsNZ_LT-Kl-8lP1fTiuR5ln1RgSt1rsY06RKUei3KAs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx8iq8o9AHenldKUqawJcNgw2xFLiXKqLW8RVvrTFCbWLb2f98JJJL3OfsNZ_LT-Kl-8lP1fTiuR5ln1RgSt1rsY06RKUei3KAs&google_hm=41ba6a094d235d7466171e0832f03656
Request Chain 106
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEEVdcHLtbhHnMDvtVNTON-A&google_cver=1&google_push=Aa02lx8CYeCYe3I73ErmyXIgxdxcwSmVtBOguMVe6cBLuW3JohpgkJ7y8ZNj-WTVKxAoYA9rf9dMIDNYCyAhjSLp64lvl4TFiq1lGi4v HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx8CYeCYe3I73ErmyXIgxdxcwSmVtBOguMVe6cBLuW3JohpgkJ7y8ZNj-WTVKxAoYA9rf9dMIDNYCyAhjSLp64lvl4TFiq1lGi4v&google_hm=QlMuMzI4Ni1jNmZhLTQ3MGYtYWRlOQ==
Request Chain 107
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEB3k7JaQZBkDd6nZs8gt0Os&google_cver=1&google_push=Aa02lx9ALIpsBBuU_vGfCG4A66Z48LLlz4t_C1eORWZsGB0jhrm_8rYAQ_fVIR7euwIi-n_L8LRkE_RHlx6Aig-Bshz9T82pudqLqGlX HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEB3k7JaQZBkDd6nZs8gt0Os&google_cver=1&google_push=Aa02lx9ALIpsBBuU_vGfCG4A66Z48LLlz4t_C1eORWZsGB0jhrm_8rYAQ_fVIR7euwIi-n_L8LRkE_RHlx6Aig-Bshz9T82pudqLqGlX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=uboObMG5SBSy0jts6K6XrQ==&no_redirect=1&google_push=Aa02lx9ALIpsBBuU_vGfCG4A66Z48LLlz4t_C1eORWZsGB0jhrm_8rYAQ_fVIR7euwIi-n_L8LRkE_RHlx6Aig-Bshz9T82pudqLqGlX

122 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
9xadda.com/
Redirect Chain
  • http://9xadda.com/
  • https://9xadda.com/
92 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9xadda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.235.3.209 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.servercpl.com
Software
/
Resource Hash
0866bd607b379c73d342df964cfd5f909063fb493ddc2015f60bd696ef1cf996

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
public, max-age=0
content-encoding
gzip
content-length
13247
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 06:38:03 GMT
expires
Tue, 07 Mar 2023 06:38:03 GMT
last-modified
Tue, 07 Mar 2023 05:49:17 GMT
vary
Accept-Encoding,Accept-Encoding

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-type
text/html
date
Tue, 07 Mar 2023 06:38:03 GMT
location
https://9xadda.com/
vary
Accept-Encoding
8a415574c63c1622d8364a403ff41d54.css
9xadda.com/wp-content/cache/min/1/ 		256 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://9xadda.com/wp-content/cache/min/1/8a415574c63c1622d8364a403ff41d54.css
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.235.3.209 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.servercpl.com
Software
/
Resource Hash
26413769d06721317e217bdb51ba74ca6952f3c811cc22849f39d7abdcbb32a0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
br
last-modified
Wed, 01 Mar 2023 11:16:45 GMT
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
40280
expires
Wed, 06 Mar 2024 06:38:03 GMT
css
fonts.googleapis.com/ 		6 KB
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B1%2C400&display=swap&ver=6.1.1
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a2354caea7b0425f0de9d7427fb62c9e28157d1bf1c027f438fbcbcf1404154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 06:38:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 06:38:03 GMT
css
fonts.googleapis.com/ 		5 KB
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:400,400i,500,600,700&display=swap
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
437aaffb3530c34d75613bc2ed427464f642e6747e3d6876f05e9b1a38bfd87a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 05:44:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 06:38:03 GMT
css
fonts.googleapis.com/ 		1 KB
871 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Prata&display=swap
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96c4e58e8a03bbdefeb244e74873ce152349cdb30b308628dd7c3e2d7c7e118a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 05:54:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 06:38:03 GMT
css
fonts.googleapis.com/ 		811 B
454 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Monsieur+La+Doulaise&display=swap
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17c27844971f9013c06cd17d63f04479251b35ef59e87a0e012e4dc9ebe70507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 06:38:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 06:38:03 GMT
jquery.min.js
9xadda.com/wp-includes/js/jquery/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9xadda.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
15.235.3.209 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.servercpl.com
Software
/
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 06:17:08 GMT
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
30324
expires
Wed, 06 Mar 2024 06:38:03 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-253337458-1
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac7ead356730a3af51e9ff2a39a977e9a8925b322e165a7a6b291a6c2456c315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44740
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Mar 2023 06:38:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6679085186571484&host=ca-host-pub-2644536267352236
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1c9b6a41703c73a0302bb40ede8583fe4c6fd361f53703c60159ed232523eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
Origin
https://9xadda.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48555
x-xss-protection
0
server
cafe
etag
15276765457668815070
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Mar 2023 06:38:03 GMT
aa5b41d001cfa1414cb6ed9cbd8be1b4.js
9xadda.com/wp-content/cache/min/1/ 		144 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9xadda.com/wp-content/cache/min/1/aa5b41d001cfa1414cb6ed9cbd8be1b4.js
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
15.235.3.209 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.servercpl.com
Software
/
Resource Hash
680e5bed2ba67feabd5c3e5a2ece4281891b66d21da3614c0aab68ac267f0e3c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
br
last-modified
Sun, 05 Mar 2023 02:56:11 GMT
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
38617
expires
Wed, 06 Mar 2024 06:38:03 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B1%2C400&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9xadda.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 18:44:58 GMT
x-content-type-options
nosniff
age
388385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 18:44:58 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
wp-emoji-release.min.js
9xadda.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://9xadda.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: 9xadda.com
URL: https://9xadda.com/wp-content/cache/min/1/aa5b41d001cfa1414cb6ed9cbd8be1b4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
15.235.3.209 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.servercpl.com
Software
/
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
br
last-modified
Tue, 12 Apr 2022 09:26:24 GMT
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
content-length
4619
expires
Wed, 06 Mar 2024 06:38:03 GMT
/
9xadda.com/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9xadda.com/
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
15.235.3.209 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.servercpl.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
gzip
last-modified
Tue, 07 Mar 2023 05:49:17 GMT
vary
Accept-Encoding,Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
13247
expires
Tue, 07 Mar 2023 06:38:03 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B1%2C400&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9xadda.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:06:51 GMT
x-content-type-options
nosniff
age
379872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 21:06:51 GMT
fontawesome-webfont.woff2
9xadda.com/wp-content/themes/polite/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://9xadda.com/wp-content/themes/polite/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: 9xadda.com
URL: https://9xadda.com/wp-content/cache/min/1/8a415574c63c1622d8364a403ff41d54.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
15.235.3.209 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.servercpl.com
Software
/
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://9xadda.com/wp-content/cache/min/1/8a415574c63c1622d8364a403ff41d54.css
Origin
https://9xadda.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
last-modified
Tue, 21 Feb 2023 08:49:02 GMT
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
71896
expires
Wed, 05 Jul 2023 06:38:03 GMT
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B1%2C400&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9xadda.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 09:02:27 GMT
x-content-type-options
nosniff
age
423336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7824
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:52:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 09:02:27 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B1%2C400&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9xadda.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 18:41:41 GMT
x-content-type-options
nosniff
age
388582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 18:41:41 GMT
pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v20/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800%3B1%2C400&display=swap&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9xadda.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 09:02:23 GMT
x-content-type-options
nosniff
age
423340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5544
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 09:02:23 GMT
9xadda-1.png
9xadda.com/wp-content/uploads/2023/02/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9xadda.com/wp-content/uploads/2023/02/9xadda-1.png
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
15.235.3.209 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.servercpl.com
Software
/
Resource Hash
3145e78c5eb6f5a67d8a67463f8fcf4f78fd9e4194c5f872282da20b519a342c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
last-modified
Wed, 22 Feb 2023 17:42:26 GMT
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
82554
expires
Wed, 05 Jul 2023 06:38:03 GMT
png_20230307_082250_0000.png
9xadda.com/wp-content/uploads/2023/03/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9xadda.com/wp-content/uploads/2023/03/png_20230307_082250_0000.png
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
15.235.3.209 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.servercpl.com
Software
/
Resource Hash
2dbcda8196ef066e5b4bb83d956fda797bf3db2b7884abeb94d7af04abc2b273

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
last-modified
Tue, 07 Mar 2023 05:48:20 GMT
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
2151478
expires
Wed, 05 Jul 2023 06:38:03 GMT
png_20230307_082534_0000.png
9xadda.com/wp-content/uploads/2023/03/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9xadda.com/wp-content/uploads/2023/03/png_20230307_082534_0000.png
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
15.235.3.209 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.servercpl.com
Software
/
Resource Hash
6506d689b4b6c430844f6c54349e6b2d5b4fd8eb896b7468bb4c14736bb85878

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
last-modified
Tue, 07 Mar 2023 04:45:16 GMT
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
1591895
expires
Wed, 05 Jul 2023 06:38:03 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/ 		361 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6679085186571484&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74d4e8ac69e9076f6419dac7a8bf378b337441314782c4fa8aa59cd792cadf6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121624
x-xss-protection
0
server
cafe
etag
15583290096923255931
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Mar 2023 06:38:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/ Frame CC35 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230302/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6679085186571484&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
6320
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 04:52:43 GMT
etag
2378337311435320485
expires
Tue, 21 Mar 2023 04:52:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-253337458-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 04:47:24 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6639
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 07 Mar 2023 06:47:24 GMT
js
www.googletagmanager.com/gtag/ 		183 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1HF1FGPVY4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-253337458-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a64ba4d18d2e54d4a27390236e7834eff2d42aa53f371e1db06b47cbd46fe3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68868
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 Mar 2023 06:38:03 GMT
png_20230305_081018_0000.png
9xadda.com/wp-content/uploads/2023/03/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9xadda.com/wp-content/uploads/2023/03/png_20230305_081018_0000.png
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
15.235.3.209 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.servercpl.com
Software
/
Resource Hash
020c68b7031e6bd60ef17f9c70fad61959b6a4901b85aa82e5b3111220aee000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
last-modified
Sun, 05 Mar 2023 03:08:59 GMT
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
1441507
expires
Wed, 05 Jul 2023 06:38:03 GMT
collect
www.google-analytics.com/j/ 		1 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1538156138&t=pageview&_s=1&dl=https%3A%2F%2F9xadda.com%2F&ul=en-us&de=UTF-8&dt=9xADDA%20%7C%20Hindi%20Punjabi%20Songs%20Lyrics%20%E2%80%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=297561106&gjid=1247849984&cid=562576923.1678171084&tid=UA-253337458-1&_gid=1333344463.1678171084&_r=1&gtm=457e3310&did=dZTNiMT&gdid=dZTNiMT&z=137414395
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://9xadda.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 06:38:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://9xadda.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1HF1FGPVY4&gtm=45je3310&_p=1538156138&gdid=dZTNiMT&cid=562576923.1678171084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678171083&sct=1&seg=0&dl=https%3A%2F%2F9xadda.com%2F&dt=9xADDA%20%7C%20Hindi%20Punjabi%20Songs%20Lyrics%20%E2%80%94&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1HF1FGPVY4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 06:38:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://9xadda.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		387 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=9xadda.com&callback=_gfp_s_&client=ca-pub-6679085186571484
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93c6a9663de0553cfe480ec754a5b6ebf4e311186206b97f973a9a4aa7c51386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=9xadda.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=9xadda.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 535B 		421 KB
89 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6679085186571484&output=html&adk=1812271804&adf=3025194257&lmt=1678168157&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_r&format=0x0&url=https%3A%2F%2F9xadda.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171083660&bpp=3&bdt=409&idt=194&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7592414932826&frm=20&pv=2&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=228
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e181c266dd2b15173ce2f921c0ddda96e2ec6ef45a3b90bff6611f947143037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
90596
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 06:38:04 GMT
expires
Tue, 07 Mar 2023 06:38:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
png_20230305_095743_0000.png
9xadda.com/wp-content/uploads/2023/03/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://9xadda.com/wp-content/uploads/2023/03/png_20230305_095743_0000.png
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
15.235.3.209 , Canada, ASN16276 (OVH, FR),
Reverse DNS
mail.servercpl.com
Software
/
Resource Hash
781d9d9599616ef17173ebf0b6243fe8a2dd17d0cf70f95f1525fb0c7c8c33e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:03 GMT
last-modified
Sun, 05 Mar 2023 04:40:32 GMT
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
content-length
1130146
expires
Wed, 05 Jul 2023 06:38:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230302&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
267f620dddc627fd07fc65c437fd32acb6bdb500932d37bd54e6d6cfc25e4f4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11259
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/reactive_library_fy2021.js?bust=31072621
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1aa6f7c7ecb14abc57b475a3a4a87b8f51125005641a8384b6e60a1d34fa31f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52392
x-xss-protection
0
server
cafe
etag
6701799351088853304
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Mar 2023 06:38:04 GMT
ca-pub-6679085186571484
fundingchoicesmessages.google.com/i/ 		126 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-6679085186571484?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35ae967a558cf0747c12ac4e91c0be183701842e476f13564aca784b70dda615
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-F6k1ypwoWWMqMILixZbG5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-F6k1ypwoWWMqMILixZbG5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Mar 2023 06:38:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7861 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
50474
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 16:36:50 GMT
expires
Tue, 05 Mar 2024 16:36:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0DE4 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d99c7635fed84edbe90772b886f912ae7fd89fbf2b713830c52df8315fb656cd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4iAL9hZLyoL_r0FczZ_bPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://9xadda.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-4iAL9hZLyoL_r0FczZ_bPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 06:38:04 GMT
expires
Tue, 07 Mar 2023 06:38:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integrator.js
adservice.google.ca/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=9xadda.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=9xadda.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9EDE 		91 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
741f28b4240ad526e4f2d96c1cb8b4574cadbf5580987768d37acf1c116960f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
33817
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Mar 2023 06:38:05 GMT
expires
Tue, 07 Mar 2023 06:38:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/ Frame BBEA 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
33597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 21:18:07 GMT
etag
2378337311435320485
expires
Mon, 20 Mar 2023 21:18:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/ Frame E929 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
33597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 21:18:07 GMT
etag
2378337311435320485
expires
Mon, 20 Mar 2023 21:18:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/ Frame A25E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302220101/show_ads_impl_fy2021.js?bust=31072621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
33597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 21:18:07 GMT
etag
2378337311435320485
expires
Mon, 20 Mar 2023 21:18:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxV1SpDxWZeY8vwGRlRmKTdipa4wGOh7hGdmgsUvqG-Pt768y158E0lstiBj2xAcZaxFkmGghnMA-2ZKZoqDf68=
fundingchoicesmessages.google.com/f/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV1SpDxWZeY8vwGRlRmKTdipa4wGOh7hGdmgsUvqG-Pt768y158E0lstiBj2xAcZaxFkmGghnMA-2ZKZoqDf68=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4MTcxMDg0LDc3MzAwMDAwMF0sIkZDODQ4NTVELTgyM0YtNEYxQy04RjIyLTg4NzhCNTcwNkQ2QyIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vOXhhZGRhLmNvbS8iLG51bGwsW1s4LCJaU3BmRHJfcTNPVSJdLFs5LCJlbi1VUyJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
acef3bd077d067d9966017296c46217846ebe01dd511860aefdbaae0d1d08a8d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z24T0of_saaB2EnBCgWRwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-z24T0of_saaB2EnBCgWRwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame BBEA 		4 KB
732 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 06:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 05:42:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 06:38:04 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BBEA 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 23:27:43 GMT
x-content-type-options
nosniff
age
112221
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Mar 2024 23:27:43 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BBEA 		604 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:27:46 GMT
x-content-type-options
nosniff
age
108618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 05 Mar 2024 00:27:46 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/ Frame BBEA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:27:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
40246
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8547
x-xss-protection
0
server
cafe
etag
17360858034827311943
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:27:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame E929 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:08:54 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame E929 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 12:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
65613
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 12:24:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame E929 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:08:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame E929 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:08:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E929 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678106210411282"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Mar 2023 06:38:04 GMT
887cfa9374a0c130d54aa7fe143e0312.js
www.gstatic.com/mysidia/ Frame E929 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14316
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 18:22:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 16:18:02 GMT
css
fonts.googleapis.com/ Frame A25E 		8 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 06:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 05:18:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 06:38:04 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame A25E 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:08:54 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A25E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cr_gwy9sGZNDDOPzYxtYPhP6w4Aatsfajb6zE4feiEZiS-IezAhABIMjlmJYBYP3oooHwA6AB_5ek5ijIAQmoAwHIA8sEqgS8AU_Qqdp9rVLO6bhfE7-2hj7L9m0RWZ7_o0AD0O3vQ5ZGv19YR7XsMEwvwbi-rlL-WTU-p1y2-lNds9QvaBntLvv0_Cuuk9IVuLA0YCG9ZK29uPXrPHbsjfPnd48TWrFno5y3TGT35hALrd6SDrXfXKwnsHdvFjhUYpBxkWzppfeEIEgPRFkCMDqo7y7eUdM-yZFEN-zdu_VRvWqPhH2bE8tezXOQd0ZaZdvOewhBm95_WG_Our26tCscDlDvwASFqd2joASSBQQIBBgBkgUECAUYBKAGLoAH_8_0xQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCcigjSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItNjY3OTA4NTE4NjU3MTQ4NBgA&sigh=0u8yZLLV0R0&uach_m=[UACH]&cid=CAQSGwDUE5ymzry9HpKoqxpZGU8XjU2Shpui79inBxgB&template_id=5000
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Mar 2023 06:38:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 07 Mar 2023 06:38:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame A25E 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 12:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
65613
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 12:24:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame A25E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:08:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame A25E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:08:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A25E 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678106210411282"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Mar 2023 06:38:04 GMT
887cfa9374a0c130d54aa7fe143e0312.js
www.gstatic.com/mysidia/ Frame A25E 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14316
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 18:22:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 16:18:02 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/9619604659057020630/ Frame A25E 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9619604659057020630/14763004658117789537?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d5fee0134e11d655997219480ab7564bbc50d494a20ab4abfd608274368c541
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 05:08:10 GMT
x-content-type-options
nosniff
age
437394
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14010
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 21:12:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Mar 2024 05:08:10 GMT
truncated
/ Frame A25E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A25E 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar
pagead2.googlesyndication.com/pagead/ Frame 0DE4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230302&jk=3313716525767128&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame 7861 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:30:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
475643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 18:30:41 GMT
css
fonts.googleapis.com/ Frame 3A89 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 06:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 05:15:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 06:38:04 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 3A89 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:08:54 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 3A89 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 12:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
65613
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 12:24:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 3A89 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:08:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 3A89 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:08:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A89 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678106210411282"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Mar 2023 06:38:04 GMT
887cfa9374a0c130d54aa7fe143e0312.js
www.gstatic.com/mysidia/ Frame 3A89 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14316
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 18:22:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 16:18:02 GMT
truncated
/ Frame A25E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e138d8a0adfa6951384a5d094d6021a8a87fa784d69c52c01518bdc6812b4d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 9EDE 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Mar 2023 06:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 06:09:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Mar 2023 06:38:05 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 9EDE 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:08:54 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/ Frame 9EDE 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 12:24:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
65614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 12:24:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 9EDE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:08:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 9EDE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:08:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
41351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:08:54 GMT
l
www.google.com/ads/measurement/ Frame 9EDE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS89XAO3saFIYe-F0ps-BzECZKcouPpCmhHsF0d07EZD1UOxsRb7wN6IwSzyNgT440QSMhGwU8XwOgccH5PvasakDHc8g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9EDE 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49547
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678106210411282"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Mar 2023 06:38:05 GMT
887cfa9374a0c130d54aa7fe143e0312.js
www.gstatic.com/mysidia/ Frame 9EDE 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14316
x-xss-protection
0
last-modified
Wed, 01 Mar 2023 18:22:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 16:18:02 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9EDE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEOtzzNsGZJi-LImOvPIPtdSU-Aj_po6kb72GgtGAEZiS-IezAhABIMjlmJYBYP3oooHwA6AB_5ek5ijIAQmoAwHIA8sEqgTEAU_QE-xREaZOQpqUHFBp5_i2HqMhCJ7w1OjHiRc3_ufSNZGXuJ599woxtpoGhcUQKDupJeXHDBTCW3_y-323FGJRgINMxvMdTW2WmsaFPnfx05TG9GM_AVL_08N-gCx8wRIq0fFA3eupMfmNEmF5lx-mwSEnuLwwSklgnPJF_jNeQDM_-I1ZfmdhzaYYCC4nRdpL9X9Tmq5Qp1mK66-5jZAHclLG07uuj9bI2qQ3o0gJLxTRiSw35FdVQ9LwZFfFHSVoUfzABNbv7YylBJIFBAgEGAGSBQQIBRgEoAYugAf_z_TFA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOrxENIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbgT5APYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItNjY3OTA4NTE4NjU3MTQ4NBgA&sigh=6gsCFXKw--s&uach_m=[UACH]&cid=CAQSPADUE5ymHsMqDghmfO_EF5buy-15g9KE19aV0IMQhI0zFs7NrLq5NK1bDxJzgl-eQiyVRZzgKunRD9zbxBgB&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Mar 2023 06:38:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
12819767823078303922
tpc.googlesyndication.com/daca_images/simgad/ Frame E929 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/12819767823078303922?w=180&h=360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0a2d68f5f75a78833c66b2f18f1d095baba899e657ac9168c503b42682c20b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:13:20 GMT
x-content-type-options
nosniff
age
102285
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12485
x-xss-protection
0
last-modified
Sat, 04 Mar 2023 20:53:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 13 Mar 2023 02:13:20 GMT
truncated
/ Frame E929 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cca193cf1b95f9f9ec4fcc046fbf481922b2025f3a8ced57be7fc1012daf428

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
2076313506083323656
tpc.googlesyndication.com/simgad/9003232464024332512/ Frame 9EDE 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9003232464024332512/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329f4c9fcfc23334dcce8342b5f864b78ab7fdf3bd6a2f7af0095ba93794574a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 21:12:51 GMT
x-content-type-options
nosniff
age
379514
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14067
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 19:02:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Mar 2024 21:12:51 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17525036245414918006/ Frame 9EDE 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17525036245414918006/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c99d202a78f5f941f543d5b2b18eee22105deed6ec862a9613cd99cfc45cc6f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 04:45:04 GMT
x-content-type-options
nosniff
age
438781
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1434
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 16:38:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Mar 2024 04:45:04 GMT
truncated
/ Frame 9EDE 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame 53B9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:30:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
475644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 18:30:41 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E929 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZZeVy9sGZM_DOPzYxtYPhP6w4Aaq94mxb6SH6PnjEMCNtwEQASDI5ZiWAWD96KKB8AOgAYu2k_MCyAEBqQJnjeJra8t5PqgDAcgDywSqBLsBT9C9HlkaVs3kdtuxGRHnyibpiV_9kCDUsbhVhaRPosmrppJFm-ll7ojSxRwXa81uDIE1WbnrNmpqyCv8yJBrr3GftlW_IopJimCnRp7jsunPPOKz0HLB5v7uAOyY2sfLUaURr9u643c0EdHd3fgxdbMJxRLrUpOPrBPYBP_7xey4kt-R0pgxKYxWdHdOQGsoy7cOFf6IO-_tXtpT7kBBNjZbOoPw-3mTJCXfJGAWsRC6i9bQqSX3lESDFsAE9MLto7IEkgUECAQYAZIFBAgFGASgBgKAB5iBtLQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQzJsG0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTY2NzkwODUxODY1NzE0ODQYAA&sigh=scEVK2tGjUw&uach_m=[UACH]&cid=CAQSGwDUE5ymzry9HpKoqxpZGU8XjU2Shpui79inBxgB&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 07 Mar 2023 06:38:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame 5BB5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:30:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
475644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 18:30:41 GMT
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame 34E1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: 9xadda.com
URL: https://9xadda.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:30:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
475644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 18:30:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3DAF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
58729
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 14:19:16 GMT
etag
48472445140208031
expires
Tue, 07 Mar 2023 14:19:16 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9EDE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f4510fbd71862a9528754f856442bc13d7fcd39b74ba88e707a20cdc8be60ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 7861 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?biEcXQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9EDE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 23:04:08 GMT
x-content-type-options
nosniff
age
459237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 23:04:08 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9EDE 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 22:34:08 GMT
x-content-type-options
nosniff
age
461037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 22:34:08 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9EDE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 06:00:39 GMT
x-content-type-options
nosniff
age
347846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Mar 2024 06:00:39 GMT
pixel
cm.g.doubleclick.net/ Frame 3DAF
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMy7cWpIreyr6-_mdLCvvWs&google_cver=1&google_push=Aa02lx9HUPgVofXBE6CRpH3sroxQYNeOg4fXoujPE_BFkcPhDfLW5ts...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=40172225017515f2&is_secure=true&networkId=14000&version=1&google_gid=CAESEMy7cWpIreyr6-_mdLCvvWs&google_cver=1&google_push=Aa02lx9HUPgV...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACIm6aHF-ERgNnAjb8AAAAAAA&expiration=1678257486&google_cver=1&is_secure=true&google_gid=CAESEMy7cWpIreyr6-_mdLCvv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACIm6aHF-ERgNnAjb8AAAAAAA&expiration=1678257486&google_cver=1&is_secure=true&google_gid=CAESEMy7cWpIreyr6-_mdLCvvWs&google_push=Aa02lx9HUPgVofXBE6CRpH3sroxQYNeOg4fXoujPE_BFkcPhDfLW5tsqAZu4H6FFdLtlVzKZcvH7nuqfnRvtI1NxnUoT03m9VPNb0jE
Protocol
H3
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 06:38:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 06:38:06 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACIm6aHF-ERgNnAjb8AAAAAAA&expiration=1678257486&google_cver=1&is_secure=true&google_gid=CAESEMy7cWpIreyr6-_mdLCvvWs&google_push=Aa02lx9HUPgVofXBE6CRpH3sroxQYNeOg4fXoujPE_BFkcPhDfLW5tsqAZu4H6FFdLtlVzKZcvH7nuqfnRvtI1NxnUoT03m9VPNb0jE
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 3DAF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKHkuzDcrbxwvFz5VWzD0Nk&google_cver=1&google_push=Aa02lx_GYfinyw5Sds9AEVebzI5oR8fyS_2GiYdsiptxdqzIXVmmiL3YCAXi6VSJvw4aa0AMUPcFi7KDvj-rCqmp...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_GYfinyw5Sds9AEVebzI5oR8fyS_2GiYdsiptxdqzIXVmmiL3YCAXi6VSJvw4aa0AMUPcFi7KDvj-rCqmpz0iDf1pfyN6oIg
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_GYfinyw5Sds9AEVebzI5oR8fyS_2GiYdsiptxdqzIXVmmiL3YCAXi6VSJvw4aa0AMUPcFi7KDvj-rCqmpz0iDf1pfyN6oIg
Protocol
H2
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 06:38:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Mar 2023 06:38:05 GMT
Server
MT3 569 46451a0 master ord-pixel-x13 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_GYfinyw5Sds9AEVebzI5oR8fyS_2GiYdsiptxdqzIXVmmiL3YCAXi6VSJvw4aa0AMUPcFi7KDvj-rCqmpz0iDf1pfyN6oIg
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Mar 2023 06:38:04 GMT
CookieSyncAdX
rtb.adentifi.com/ Frame 3DAF 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEHLdrBoy3Yp_OoM9ybXRixs&google_cver=1&google_push=Aa02lx8zsoAXIv1M6nvYDn0BSSsspQvesaTQvlPRXSWqmZFgh_Ctr7OEKLN6j-2Zxqq-SfzLPKBeJveamPF2Lgl9pvxgtsErPaiFLsA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.238.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-238-83.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:05 GMT
pixel
cm.g.doubleclick.net/ Frame 3DAF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECSFrqs_SXR_g0IO-3kKSoo&google_cver=1&google_push=Aa02lx-O7X5yp-EgQH5YLwcP-wkbwd_VqQYIPmpo0VigZl_aFGefzux-rYbBcxo0e6tbX5JPbVXzR380v9lBFywzySh7...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECSFrqs_SXR_g0IO-3kKSoo&google_cver=1&google_push=Aa02lx-O7X5yp-EgQH5YLwcP-wkbwd_VqQYIPmpo0VigZl_aFGefzux-rYbBcxo0e6tbX5JPbVXzR380v9lBFy...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-O7X5yp-EgQH5YLwcP-wkbwd_VqQYIPmpo0VigZl_aFGefzux-rYbBcxo0e6tbX5JPbVXzR380v9lBFywzySh7jXntbO4Czo0&google_hm=mMBQ7wo2QCi2rLpUBNdr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-O7X5yp-EgQH5YLwcP-wkbwd_VqQYIPmpo0VigZl_aFGefzux-rYbBcxo0e6tbX5JPbVXzR380v9lBFywzySh7jXntbO4Czo0&google_hm=mMBQ7wo2QCi2rLpUBNdrLw==
Protocol
H3
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 06:38:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx-O7X5yp-EgQH5YLwcP-wkbwd_VqQYIPmpo0VigZl_aFGefzux-rYbBcxo0e6tbX5JPbVXzR380v9lBFywzySh7jXntbO4Czo0&google_hm=mMBQ7wo2QCi2rLpUBNdrLw==
Date
Tue, 07 Mar 2023 06:38:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3DAF
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEPSTPxRoJF6doWLN7qO7650&google_cver=1&google_push=Aa02lx8iq8o9AHenldKUqawJcNgw2xFLiXKqLW8RVvrTFCbWLb2f98JJJL3OfsNZ_LT-Kl-8lP1fTiuR5ln1RgSt1rsY06RKUei3KAs
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx8iq8o9AHenldKUqawJcNgw2xFLiXKqLW8RVvrTFCbWLb2f98JJJL3OfsNZ_LT-Kl-8lP1fTiuR5ln1RgSt1rsY06RKUei3KAs&google_hm=41ba6a094d235d74...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx8iq8o9AHenldKUqawJcNgw2xFLiXKqLW8RVvrTFCbWLb2f98JJJL3OfsNZ_LT-Kl-8lP1fTiuR5ln1RgSt1rsY06RKUei3KAs&google_hm=41ba6a094d235d7466171e0832f03656
Protocol
H2
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 06:38:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx8iq8o9AHenldKUqawJcNgw2xFLiXKqLW8RVvrTFCbWLb2f98JJJL3OfsNZ_LT-Kl-8lP1fTiuR5ln1RgSt1rsY06RKUei3KAs&google_hm=41ba6a094d235d7466171e0832f03656
date
Tue, 07 Mar 2023 06:38:05 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame 3DAF
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEEVdcHLtbhHnMDvtVNTON-A&google_cver=1&google_push=Aa02lx8CYeCYe3I73ErmyXIgxdxcwSmVtBOguMVe6cBLuW3JohpgkJ7y8...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx8CYeCYe3I73ErmyXIgxdxcwSmVtBOguMVe6cBLuW3JohpgkJ7y8ZNj-WTVKxAoYA9rf9dMIDNYCyAhjSLp64lvl4TFiq1lGi4v&google_hm=QlMuMzI4Ni1jNm...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx8CYeCYe3I73ErmyXIgxdxcwSmVtBOguMVe6cBLuW3JohpgkJ7y8ZNj-WTVKxAoYA9rf9dMIDNYCyAhjSLp64lvl4TFiq1lGi4v&google_hm=QlMuMzI4Ni1jNmZhLTQ3MGYtYWRlOQ==
Protocol
H2
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 06:38:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx8CYeCYe3I73ErmyXIgxdxcwSmVtBOguMVe6cBLuW3JohpgkJ7y8ZNj-WTVKxAoYA9rf9dMIDNYCyAhjSLp64lvl4TFiq1lGi4v&google_hm=QlMuMzI4Ni1jNmZhLTQ3MGYtYWRlOQ==
Date
Tue, 07 Mar 2023 06:38:05 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 3DAF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEB3k7JaQZBkDd6nZs8gt0Os&google_cver=1&google_push=Aa02lx9ALIpsBBuU_vGfCG4A66Z48LLlz4t_C1eORWZsGB0jhrm_8rYAQ_fVIR7euwIi-n_L8LRk...
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEB3k7JaQZBkDd6nZs8gt0Os&google_cver=1&google_push=Aa02lx9ALIpsBBuU_vGfCG4A66Z48LLlz4t_C1eORWZsGB0jhrm_8rYAQ_fVIR7euwIi-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=uboObMG5SBSy0jts6K6XrQ==&no_redirect=1&google_push=Aa02lx9ALIpsBBuU_vGfCG4A66Z48LLlz4t_C1eORWZsGB0jhrm_8r...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=uboObMG5SBSy0jts6K6XrQ==&no_redirect=1&google_push=Aa02lx9ALIpsBBuU_vGfCG4A66Z48LLlz4t_C1eORWZsGB0jhrm_8rYAQ_fVIR7euwIi-n_L8LRkE_RHlx6Aig-Bshz9T82pudqLqGlX
Protocol
H3
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 06:38:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=uboObMG5SBSy0jts6K6XrQ==&no_redirect=1&google_push=Aa02lx9ALIpsBBuU_vGfCG4A66Z48LLlz4t_C1eORWZsGB0jhrm_8rYAQ_fVIR7euwIi-n_L8LRkE_RHlx6Aig-Bshz9T82pudqLqGlX
date
Tue, 07 Mar 2023 06:38:05 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3DAF 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgetVzd_ATX0z9d7jO7h42uDUvWJWR6semhi0QIZvI7rwJCCxEZ_dmaqDpRyoj6AOtpsZrips
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame F8C0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6679085186571484&output=html&h=600&adk=246301125&adf=3441279695&pi=t.aa~a.220693436~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1678168157&rafmt=1&to=qs&pwprc=6028419322&format=300x600&url=https%3A%2F%2F9xadda.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678171084536&bpp=2&bdt=1285&idt=-M&shv=r20230302&mjsv=m202302220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da7dce61b20bfe02e-220f6461b6de00cd%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA&gpic=UID%3D000009d193ddfff7%3AT%3D1678171083%3ART%3D1678171083%3AS%3DALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew&prev_fmts=0x0&nras=2&correlator=7592414932826&frm=20&pv=1&ga_vid=562576923.1678171084&ga_sid=1678171084&ga_hid=1538156138&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759842%2C44759926%2C44759875%2C31072621&oid=2&pvsid=3313716525767128&tmod=1558557189&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jyCR0BGDm7&p=https%3A//9xadda.com&dtd=159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 18:30:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
475644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 18:30:41 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.396355843062931
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-078jaoAIYAwAxPOd4nQTyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-078jaoAIYAwAxPOd4nQTyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.829153224689238
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eLtwnfV73AtJApJd8J2DZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-eLtwnfV73AtJApJd8J2DZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWqSilJmeuSRBVQXpsP1D-dWr54PdfPmJPZ0cufxk5rMu4OvvdqJH73UC-PUyIJCCxYkWg_TumyrKmFal3CyBx_sBxvX18nG1WdTvzxXD6Cm7OWxsl1N68L17ZgDbkXm_O-x9MMJg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWqSilJmeuSRBVQXpsP1D-dWr54PdfPmJPZ0cufxk5rMu4OvvdqJH73UC-PUyIJCCxYkWg_TumyrKmFal3CyBx_sBxvX18nG1WdTvzxXD6Cm7OWxsl1N68L17ZgDbkXm_O-x9MMJg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8_8fc6DjkZsEpWtNeu3G9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 06:38:06 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8_8fc6DjkZsEpWtNeu3G9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://9xadda.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230302&jk=3313716525767128&bg=!ZmWlZTHNAAbv3-2Ez987ADkAdvg8WrAdK3rTdVUuz18WEoOMTCoYKRyR-6cyhRzoDWgWq1I8I8FpjmLHMsFExdYN-OCEoPRgEK0CAAACdVIAAAADaAEHmQKRy94sGezPljymJlHO47LU6dQGXzWp3nustdYgsLjLhsSmBRvc2gw6DOyYqBC7tTxp0QEhCVjbPHwcAYtBtv6BFhHBbom7BPi_u3CnPLozDMPDouJLT2TrlWezwZ-hCjdHH7ww9kiPgMOVz30zhzbb00dvs0DOa4I81qN8viT6hNDhgr1NTriRKsRDIWxzabWAbuuBj4pix_ey9d5Nkf3BN4jqPRP0cbYJFow1Qp0CiM-NorlhM_3r6MLAbEE9wDY9Mywqle2Tpp7OSvc4-iLvzWzleJ7zMVEWEVf76slwL0nyGm8o-cgJ4LCMHxvcI_puMlNl-eL-jDxJxnW9VOYHYZ-Gbq0MFWlG5qtCB3onbnN9Uh_U9WtctWmY9J-XptyE_2jK8PlFdhkTuUJZMUCXx6SHiIHDlz33_5SAWrZVZMAd83e6WF5-w7HQLkveqVgVueYg-2kt9VIOppgqAcArxiMOdX-kRpahjflCWl3gihWNnXvHwvnc1BzNwtRJRJ1dh8hdDIdhCtA202VagbU-QbY6wQeKUpwdonpvhbtOwwqGsg_qgp56OMLUIXkhEcbvXaa8gcCoc9cNVIre5YLBvZEd450xa7tjChtLStnmJgD3K2v6biXyRMw5_b6LJFphNa3BZZx6WU7-hAWEoU0ZU02lf5cy7qNYGFbaxMHoeQrdD9MqSWPSMq-8pikte3qf_-F04NkMBPfDShbh1Ii8SP-VGlU8Izb-kSEg8rbYTWFfHm61D12g4szMmZmcXL0JrXMu9kzN4KvHyj6vkrLtjvtOnwcE3t1eXNDdLzwGTuH73fLd0u9x-f0Pq_aZXN5bRpZrOrjnJj0OV9BxjIqSk_pk9Br-3NXzxm4e3sBOGqb4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame E929 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst813YbhRKDXFmB6AJMgYlJLMG8z80KZl80oNECBfWtAqOyhUtw6bYcJRBIMiWoYNXtd6eudd7wJTSoN6BVQ7GTZRpqXb8wdeDn3zcVwnM4bMVB4WW9VBDhmM67ZRLZgw9u-vM&sai=AMfl-YTESzWXJ0m1AXr_Seb85I199LM_JQZb8SGD-JD57A_yM7fabLqt1d8S0NV0bNM-t47JJ5ikBzQwsQez&sig=Cg0ArKJSzPl-vikcyEAqEAE&cid=CAQSGwDUE5ymzry9HpKoqxpZGU8XjU2Shpui79inBxgB&id=lidar2&mcvt=1000&p=-70,0,430,180&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678171084749&rpt=383&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 06:38:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A25E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxaghXjM74JlWDq-ppUUZ5WGcAd1I8UaY9W4A19PVNr1scs9QZxaQ1_ezGeg7cwxcs5ub4pAmhN9Bi3H3Z_lY2U2G0uArweAmBdnnzB0FAP6ZESlPC3i6SR0FEy940Tm2HbcU&sai=AMfl-YTbzR-lmUEpyl-wpZzI1VOPHjPjgE3zRvNveEvbWpNpEjWrzijZ6uqzAl8_LzwkOzaCY_nauXn7bMqY&sig=Cg0ArKJSzHMsP9DCoriyEAE&cid=CAQSGwDUE5ymzry9HpKoqxpZGU8XjU2Shpui79inBxgB&id=lidar2&mcvt=1003&p=0,0,124,1005&mtos=243,806,1003,1003,1003&tos=243,563,197,0,0&v=20230306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678171084753&rpt=459&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 06:38:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adv4.
fundingchoicesmessages.google.com/f/AGSKWxXpCS5AUXFwq0wLCn1LUOTInBnjJinz8H1vODZO5WUb_RIrrSNmXObw1darDEQzf4xfRmfrRVtuL_3TIiqe8yRvtK-lkzTi2saldEfaviPsR3XTmxeBzVZMDUgx9BS1xIdZ_C5g7VSh5QH1dyYZX4H4WvG-R... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXpCS5AUXFwq0wLCn1LUOTInBnjJinz8H1vODZO5WUb_RIrrSNmXObw1darDEQzf4xfRmfrRVtuL_3TIiqe8yRvtK-lkzTi2saldEfaviPsR3XTmxeBzVZMDUgx9BS1xIdZ_C5g7VSh5QH1dyYZX4H4WvG-ROKwBiuDRA1PbbHUtEci2IaTaQt0pTyL/_/adicon_/siteimages/ads-/adverts./ad-ina./adv4.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d1ea41ffe1d6ee4a9277f5cf5755c458cc8cfea34d9db838c57ef6fff43c004
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--KctnXM82GC5xvg4JCXDHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:06 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--KctnXM82GC5xvg4JCXDHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 05:40:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
3475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Mar 2023 06:40:11 GMT
AGSKWxWqSilJmeuSRBVQXpsP1D-dWr54PdfPmJPZ0cufxk5rMu4OvvdqJH73UC-PUyIJCCxYkWg_TumyrKmFal3CyBx_sBxvX18nG1WdTvzxXD6Cm7OWxsl1N68L17ZgDbkXm_O-x9MMJg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWqSilJmeuSRBVQXpsP1D-dWr54PdfPmJPZ0cufxk5rMu4OvvdqJH73UC-PUyIJCCxYkWg_TumyrKmFal3CyBx_sBxvX18nG1WdTvzxXD6Cm7OWxsl1N68L17ZgDbkXm_O-x9MMJg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sAu5n6T0o7cu0fa3MCdwLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 06:38:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-sAu5n6T0o7cu0fa3MCdwLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://9xadda.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWqSilJmeuSRBVQXpsP1D-dWr54PdfPmJPZ0cufxk5rMu4OvvdqJH73UC-PUyIJCCxYkWg_TumyrKmFal3CyBx_sBxvX18nG1WdTvzxXD6Cm7OWxsl1N68L17ZgDbkXm_O-x9MMJg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWqSilJmeuSRBVQXpsP1D-dWr54PdfPmJPZ0cufxk5rMu4OvvdqJH73UC-PUyIJCCxYkWg_TumyrKmFal3CyBx_sBxvX18nG1WdTvzxXD6Cm7OWxsl1N68L17ZgDbkXm_O-x9MMJg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q3xbjfT3e6Qhal4tYJAV7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 06:38:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-q3xbjfT3e6Qhal4tYJAV7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://9xadda.com
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWqSilJmeuSRBVQXpsP1D-dWr54PdfPmJPZ0cufxk5rMu4OvvdqJH73UC-PUyIJCCxYkWg_TumyrKmFal3CyBx_sBxvX18nG1WdTvzxXD6Cm7OWxsl1N68L17ZgDbkXm_O-x9MMJg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWqSilJmeuSRBVQXpsP1D-dWr54PdfPmJPZ0cufxk5rMu4OvvdqJH73UC-PUyIJCCxYkWg_TumyrKmFal3CyBx_sBxvX18nG1WdTvzxXD6Cm7OWxsl1N68L17ZgDbkXm_O-x9MMJg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n4F4wC3SFRUL5PIsKS1ZEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 06:38:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-n4F4wC3SFRUL5PIsKS1ZEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://9xadda.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWqSilJmeuSRBVQXpsP1D-dWr54PdfPmJPZ0cufxk5rMu4OvvdqJH73UC-PUyIJCCxYkWg_TumyrKmFal3CyBx_sBxvX18nG1WdTvzxXD6Cm7OWxsl1N68L17ZgDbkXm_O-x9MMJg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWqSilJmeuSRBVQXpsP1D-dWr54PdfPmJPZ0cufxk5rMu4OvvdqJH73UC-PUyIJCCxYkWg_TumyrKmFal3CyBx_sBxvX18nG1WdTvzxXD6Cm7OWxsl1N68L17ZgDbkXm_O-x9MMJg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-48js-X-asfLAqRW2shBfKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 06:38:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-48js-X-asfLAqRW2shBfKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://9xadda.com
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWYVJD_SI_Tg8th0wXK5nN4HqjXaskaDJv1DzbI3c4EdTPBWsuix7x1L6lTS3Hyu3EiUfWYc59N5w-x21NSzGRUhEPpzTLlQpc0021oZ7oFpLTIUxBq_PUBwKiCMS68WkxLhFrpSA==
fundingchoicesmessages.google.com/f/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWYVJD_SI_Tg8th0wXK5nN4HqjXaskaDJv1DzbI3c4EdTPBWsuix7x1L6lTS3Hyu3EiUfWYc59N5w-x21NSzGRUhEPpzTLlQpc0021oZ7oFpLTIUxBq_PUBwKiCMS68WkxLhFrpSA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4MTcxMDg2LDcyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vOXhhZGRhLmNvbS8iLG51bGwsW1s4LCJaU3BmRHJfcTNPVSJdLFs5LCJlbi1VUyJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b3ac77e849093f5cb522504deaace6a4f36d34f1fb0cee815130cb062f7afac
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-PYcZElEKQxrNwqF4_ZOiQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:06 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-PYcZElEKQxrNwqF4_ZOiQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVIMGQV0gyAzOhsLfpchldUOSYieATw_YkJpdM50V8Agz1KryLapfT3Hb2cCtEIuH8F7DQw-3oiluBmQOHhQhg=
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVIMGQV0gyAzOhsLfpchldUOSYieATw_YkJpdM50V8Agz1KryLapfT3Hb2cCtEIuH8F7DQw-3oiluBmQOHhQhg=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Nbejs4Qpr-tK6RReB4Jdxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 06:38:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-Nbejs4Qpr-tK6RReB4Jdxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://9xadda.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW6E3N8SO53z20mzDkkozEMLNJmovcvkuJVIwhde4s8VtbbG44dWK1Kfg7MmD-avAxz3OvD897LV_gfGojqBru2baVPOJffNnQOmwASceGIEB7GI9NK_bDTaIYWksrk-IuvLwKcEA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW6E3N8SO53z20mzDkkozEMLNJmovcvkuJVIwhde4s8VtbbG44dWK1Kfg7MmD-avAxz3OvD897LV_gfGojqBru2baVPOJffNnQOmwASceGIEB7GI9NK_bDTaIYWksrk-IuvLwKcEA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4MTcxMDg2LDg3MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vOXhhZGRhLmNvbS8iLG51bGwsW1s4LCJaU3BmRHJfcTNPVSJdLFs5LCJlbi1VUyJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af7ac1209c4ce59918c04c1d3600af28749a6e0bc37017c416be1a4f35136566
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GUVcqB_efW7C2cG247O9Og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-GUVcqB_efW7C2cG247O9Og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVuCbIAqfgyiz0mYCtih891PjFKBIDgbMIxaubzG2pViVBdTSRjtD326E6vpPUfn1pOTN_19wbOlabAfmf0EZaJgAwci0KbCFzaz9qzCVTO42E6GMdD-kz1UeCbPk9HU_-FNyUPXw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVuCbIAqfgyiz0mYCtih891PjFKBIDgbMIxaubzG2pViVBdTSRjtD326E6vpPUfn1pOTN_19wbOlabAfmf0EZaJgAwci0KbCFzaz9qzCVTO42E6GMdD-kz1UeCbPk9HU_-FNyUPXw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4MTcxMDg2LDk1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly85eGFkZGEuY29tLyIsbnVsbCxbWzgsIlpTcGZEcl9xM09VIl0sWzksImVuLVVTIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f71336b14b34edc2cbc79c2406725cb2db6e12a40e7b2960361d962408b64c8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wvr6XOBIjVSYyLH2FNlV1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9xadda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:38:07 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wvr6XOBIjVSYyLH2FNlV1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWdgd6k1frmHuDsrqvV5TZJvlL0WpJJ0a3bwe5nmXcs7TPJey94jWOmpqOKm5YhIQ9lBjtgwLp0gtp6wObkvS9CCzncEU8kbclrwa0IUzPPvy-ep9EZZY1SyTZgenVtsh0KPzvqGA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWdgd6k1frmHuDsrqvV5TZJvlL0WpJJ0a3bwe5nmXcs7TPJey94jWOmpqOKm5YhIQ9lBjtgwLp0gtp6wObkvS9CCzncEU8kbclrwa0IUzPPvy-ep9EZZY1SyTZgenVtsh0KPzvqGA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-e0uIfoL5VnBc5aTpu71i3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 06:38:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-e0uIfoL5VnBc5aTpu71i3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://9xadda.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVIMGQV0gyAzOhsLfpchldUOSYieATw_YkJpdM50V8Agz1KryLapfT3Hb2cCtEIuH8F7DQw-3oiluBmQOHhQhg=
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVIMGQV0gyAzOhsLfpchldUOSYieATw_YkJpdM50V8Agz1KryLapfT3Hb2cCtEIuH8F7DQw-3oiluBmQOHhQhg=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZSpfDr_q3OU.es5.O/d=1/rs=AJlcJMyMFe_85TFyr0FF0ZRnS5YhahvfBw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pVATPmtY5IX4fIgJEslQnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://9xadda.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Mar 2023 06:38:07 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pVATPmtY5IX4fIgJEslQnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://9xadda.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 boolean| credentialless function| gtag object| dataLayer undefined| $ function| jQuery object| wpcf7 function| _extends function| _createClass function| _classCallCheck function| Canvi object| polite_ajax object| _wpemojiSettings object| swv function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| lazySizes object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run number| google_lpabyc object| GoogleGcLKhOms object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| OTA3MTBhOGYyYWQ4MGNhN2xvYWRlcl9qcw== string| OTA3MTBhOGYyYWQ4MGNhN2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| googletag object| google_image_requests boolean| 1441bfce-cd50-4af9-b423-4ac15f48bd2f

20 Cookies

Domain/Path Name / Value
.9xadda.com/ Name: _gid
Value: GA1.2.1333344463.1678171084
.9xadda.com/ Name: _gat_gtag_UA_253337458_1
Value: 1
.9xadda.com/ Name: _ga_1HF1FGPVY4
Value: GS1.1.1678171083.1.0.1678171083.0.0.0
.9xadda.com/ Name: _ga
Value: GA1.1.562576923.1678171084
.9xadda.com/ Name: __gads
Value: ID=a7dce61b20bfe02e-220f6461b6de00cd:T=1678171083:RT=1678171083:S=ALNI_MYCIS-pCx76QD-RlPGZVK7ihpiBuA
.9xadda.com/ Name: __gpi
Value: UID=000009d193ddfff7:T=1678171083:RT=1678171083:S=ALNI_MYUMzbRK3ltQJfESHcW9-nECSUoew
.doubleclick.net/ Name: IDE
Value: AHWqTUl37O00CH9xLAZvP2D4N2Zj9L5uhRdVn9ZCirKjsYvz1IGrsRe2ts8-jLf_CGo
.adingo.jp/ Name: ID
Value: 41ba6a094d235d7466171e0832f03656
.mathtag.com/ Name: uuid
Value: 090c6406-dbcd-4c00-b52a-49a13eedb07f
.mathtag.com/ Name: mt_mop
Value: 4:1678171085
.bidswitch.net/ Name: tuuid
Value: 98c050ef-0a36-4028-b6ac-ba5404d76b2f
.bidswitch.net/ Name: c
Value: 1678171085
.bidswitch.net/ Name: tuuid_lu
Value: 1678171085
.mfadsrvr.com/ Name: tuuid
Value: b9ba0e6c-c1b9-4814-b2d2-3b6ce8ae97ad
.mfadsrvr.com/ Name: c
Value: 1678171085
.mfadsrvr.com/ Name: tuuid_lu
Value: 1678171085
.bidswitch.net/ Name: google_push
Value: Aa02lx-O7X5yp-EgQH5YLwcP-wkbwd_VqQYIPmpo0VigZl_aFGefzux-rYbBcxo0e6tbX5JPbVXzR380v9lBFywzySh7jXntbO4Czo0
.mfadsrvr.com/ Name: ssh
Value: !google,1678171085
.dotomi.com/ Name: DotomiTest
Value: 40172225017515f2
.9xadda.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_l31SglAkuqT_GXs59OhGqEXv3Z23FsBlX-5WkmYRy8v5NJIYyMNyNX4prdR4yAiFEQ7YKM5KTJWfGHvit2JWg000veJr7xYzNE-w2Yv10wNl95WcTKGKIkzO9IJoLn4pErZsnl0XfU_3DpNQqN1ep2zwNoQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

1 Console Messages

Source Level URL
Text
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230302/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271801&client=ca-pub-6679085186571484&fa=1&ifi=5&uci=a!5&btvi=3&xpc=YAVj5iSkyl&p=https%3A//9xadda.com
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9xadda.com
adservice.google.ca
adservice.google.com
cc.adingo.jp
cm.g.doubleclick.net
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
im.bluevoox.com
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.adentifi.com
rtb.mfadsrvr.com
sync.mathtag.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
15.235.3.209
172.217.165.130
216.200.232.249
23.22.253.69
2606:ae80:1471:18::1370
2607:f8b0:4006:808::2002
2607:f8b0:4006:809::2001
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80d::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::2008
34.201.238.83
35.207.24.140
35.211.178.172
52.45.175.185
020c68b7031e6bd60ef17f9c70fad61959b6a4901b85aa82e5b3111220aee000
0866bd607b379c73d342df964cfd5f909063fb493ddc2015f60bd696ef1cf996
0a64ba4d18d2e54d4a27390236e7834eff2d42aa53f371e1db06b47cbd46fe3f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e138d8a0adfa6951384a5d094d6021a8a87fa784d69c52c01518bdc6812b4d3
0e181c266dd2b15173ce2f921c0ddda96e2ec6ef45a3b90bff6611f947143037
17c27844971f9013c06cd17d63f04479251b35ef59e87a0e012e4dc9ebe70507
1b3ac77e849093f5cb522504deaace6a4f36d34f1fb0cee815130cb062f7afac
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
26413769d06721317e217bdb51ba74ca6952f3c811cc22849f39d7abdcbb32a0
267f620dddc627fd07fc65c437fd32acb6bdb500932d37bd54e6d6cfc25e4f4c
2b0a2d68f5f75a78833c66b2f18f1d095baba899e657ac9168c503b42682c20b
2dbcda8196ef066e5b4bb83d956fda797bf3db2b7884abeb94d7af04abc2b273
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3145e78c5eb6f5a67d8a67463f8fcf4f78fd9e4194c5f872282da20b519a342c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
329f4c9fcfc23334dcce8342b5f864b78ab7fdf3bd6a2f7af0095ba93794574a
35ae967a558cf0747c12ac4e91c0be183701842e476f13564aca784b70dda615
437aaffb3530c34d75613bc2ed427464f642e6747e3d6876f05e9b1a38bfd87a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5fee0134e11d655997219480ab7564bbc50d494a20ab4abfd608274368c541
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f4510fbd71862a9528754f856442bc13d7fcd39b74ba88e707a20cdc8be60ab
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6506d689b4b6c430844f6c54349e6b2d5b4fd8eb896b7468bb4c14736bb85878
680e5bed2ba67feabd5c3e5a2ece4281891b66d21da3614c0aab68ac267f0e3c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
741f28b4240ad526e4f2d96c1cb8b4574cadbf5580987768d37acf1c116960f5
74d4e8ac69e9076f6419dac7a8bf378b337441314782c4fa8aa59cd792cadf6f
781d9d9599616ef17173ebf0b6243fe8a2dd17d0cf70f95f1525fb0c7c8c33e1
7a2354caea7b0425f0de9d7427fb62c9e28157d1bf1c027f438fbcbcf1404154
7d1ea41ffe1d6ee4a9277f5cf5755c458cc8cfea34d9db838c57ef6fff43c004
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
93c6a9663de0553cfe480ec754a5b6ebf4e311186206b97f973a9a4aa7c51386
96c4e58e8a03bbdefeb244e74873ce152349cdb30b308628dd7c3e2d7c7e118a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cca193cf1b95f9f9ec4fcc046fbf481922b2025f3a8ced57be7fc1012daf428
a1c9b6a41703c73a0302bb40ede8583fe4c6fd361f53703c60159ed232523eab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ac7ead356730a3af51e9ff2a39a977e9a8925b322e165a7a6b291a6c2456c315
acef3bd077d067d9966017296c46217846ebe01dd511860aefdbaae0d1d08a8d
af7ac1209c4ce59918c04c1d3600af28749a6e0bc37017c416be1a4f35136566
b1aa6f7c7ecb14abc57b475a3a4a87b8f51125005641a8384b6e60a1d34fa31f
b375fe66c260836a3827af7972ab6a88953c43522e202584363f80594e7ae433
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c99d202a78f5f941f543d5b2b18eee22105deed6ec862a9613cd99cfc45cc6f5
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d99c7635fed84edbe90772b886f912ae7fd89fbf2b713830c52df8315fb656cd
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71336b14b34edc2cbc79c2406725cb2db6e12a40e7b2960361d962408b64c8a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef