9japayforum.com Open in urlscan Pro
162.0.209.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://9japayforum.com/
Effective URL:
https://9japayforum.com/
Submission: On January 21 via manual (January 21st 2021, 9:19:14 am UTC) from PH

Summary HTTP 102 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 21 domains to perform 102 HTTP transactions. The main IP is 162.0.209.101, located in Canada and belongs to NAMECHEAP-NET, US. The main domain is 9japayforum.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 23rd 2020. Valid for: a year.

This is the only time 9japayforum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	162.0.209.101 162.0.209.101	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3	104.21.234.154 104.21.234.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	185.199.110.153 185.199.110.153	54113 (FASTLY) (FASTLY)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::3	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
2	185.200.118.90 185.200.118.90	9009 (M247) (M247)
2	38.132.109.186 38.132.109.186	9009 (M247) (M247)
2	185.200.116.90 185.200.116.90	9009 (M247) (M247)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	216.59.56.9 216.59.56.9	53334 (TUT-AS) (TUT-AS)
1	208.95.112.254 208.95.112.254	53334 (TUT-AS) (TUT-AS)
2	139.45.195.27 139.45.195.27	9002 (RETN-AS) (RETN-AS)
1	139.45.195.94 139.45.195.94	9002 (RETN-AS) (RETN-AS)
8	91.92.196.190 91.92.196.190	49882 (SKRILL) (SKRILL)
2	193.169.206.226 193.169.206.226	36983 (OTR-A) (OTR-A)
12	104.111.230.138 104.111.230.138	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
102	30

25 162.0.209.101 (Canada) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: premium169-4.web-hosting.com

9japayforum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.234.154 (United States)

ASN13335 (CLOUDFLARENET, US)

media.aso1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
srv.aso1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.aso1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.110.153 (United States)

ASN54113 (FASTLY, US)

forkaweso.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::3 (Germany)

ASN60068 (CDN77 (^_^)/, GB)

www.displayvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Germany)

ASN60068 (CDN77 (^_^)/, GB)

www.blockadsnot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

niaiqhbt63bl.l.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csynztnvxxxy.l.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

niaiqhbt63bl.n.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csynztnvxxxy.n.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

niaiqhbt63bl.s.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csynztnvxxxy.s.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.59.56.9 (United States)

ASN53334 (TUT-AS, US)
PTR: customer.ipv4.totaluptime.com

displayvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.95.112.254 (United States)

ASN53334 (TUT-AS, US)

blockadsnot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.27 (Ascension Island)

ASN9002 (RETN-AS, GB)

zuphaims.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.94 (Ascension Island)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 91.92.196.190 (United Kingdom)

ASN49882 (SKRILL, GB)

wlbet9ja.adsrv.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.169.206.226 (United Kingdom)

ASN36983 (OTR-A, ZA)
PTR: secure.betway.partners

secure.betwaypartnersafrica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.111.230.138 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-138.deploy.static.akamaitechnologies.com

wlbet9ja.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	9japayforum.com 1 redirects 9japayforum.com	1 MB
20	eacdn.com wlbet9ja.adsrv.eacdn.com wlbet9ja.eacdn.com	156 KB
19	adsco.re c.adsco.re 6.adsco.re 4.adsco.re adsco.re niaiqhbt63bl.l.adsco.re niaiqhbt63bl.n.adsco.re niaiqhbt63bl.s.adsco.re csynztnvxxxy.l.adsco.re csynztnvxxxy.n.adsco.re csynztnvxxxy.s.adsco.re	19 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	145 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	88 B
3	aso1.net media.aso1.net srv.aso1.net track.aso1.net	9 KB
2	betwaypartnersafrica.com secure.betwaypartnersafrica.com	22 KB
2	zuphaims.com zuphaims.com	24 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	google.com adservice.google.com www.google.com	276 B
2	google.de adservice.google.de www.google.de	276 B
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	blockadsnot.com www.blockadsnot.com blockadsnot.com	9 KB
2	displayvertising.com www.displayvertising.com displayvertising.com	9 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	83 KB
1	onmarshtompor.com onmarshtompor.com
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	263 B
1	googletagmanager.com www.googletagmanager.com	39 KB
1	forkaweso.me forkaweso.me	9 KB
102	21

	Domain	Requested by
25	9japayforum.com	1 redirects 9japayforum.com
12	wlbet9ja.eacdn.com	wlbet9ja.adsrv.eacdn.com 9japayforum.com wlbet9ja.eacdn.com
8	wlbet9ja.adsrv.eacdn.com	media.aso1.net wlbet9ja.eacdn.com
4	fonts.googleapis.com	9japayforum.com
4	adsco.re	c.adsco.re
4	pagead2.googlesyndication.com	9japayforum.com pagead2.googlesyndication.com
3	4.adsco.re	9japayforum.com c.adsco.re
3	6.adsco.re	9japayforum.com c.adsco.re
3	c.adsco.re	www.displayvertising.com c.adsco.re
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	secure.betwaypartnersafrica.com	media.aso1.net 9japayforum.com
2	zuphaims.com	9japayforum.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	stackpath.bootstrapcdn.com	9japayforum.com stackpath.bootstrapcdn.com
1	onmarshtompor.com	zuphaims.com
1	track.aso1.net	media.aso1.net
1	pixel.wp.com	9japayforum.com
1	srv.aso1.net	media.aso1.net
1	blockadsnot.com	www.blockadsnot.com
1	displayvertising.com	www.displayvertising.com
1	www.google.de	9japayforum.com
1	www.google.com	9japayforum.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	csynztnvxxxy.s.adsco.re	c.adsco.re
1	csynztnvxxxy.n.adsco.re	c.adsco.re
1	csynztnvxxxy.l.adsco.re	c.adsco.re
1	niaiqhbt63bl.s.adsco.re	c.adsco.re
1	niaiqhbt63bl.n.adsco.re	c.adsco.re
1	niaiqhbt63bl.l.adsco.re	c.adsco.re
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.wp.com	9japayforum.com
1	www.blockadsnot.com	9japayforum.com
1	www.displayvertising.com	9japayforum.com
1	www.googletagmanager.com	9japayforum.com
1	forkaweso.me	9japayforum.com
1	media.aso1.net	9japayforum.com
102	40

This site contains links to these domains. Also see Links.

Domain
adsco.re
wa.me

Subject Issuer	Validity	Valid
9japayforum.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-23` - `2021-12-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
forkaweso.me R3	`2020-12-10` - `2021-03-10`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
1503693843.rsc.cdn77.org Let's Encrypt Authority X3	`2020-11-14` - `2021-02-12`	3 months	crt.sh
1158060716.rsc.cdn77.org Let's Encrypt Authority X3	`2020-11-14` - `2021-02-12`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2020-09-15` - `2021-09-26`	a year	crt.sh
*.l.adsco.re Sectigo RSA Domain Validation Secure Server CA	`2020-07-14` - `2022-07-14`	2 years	crt.sh
*.n.adsco.re Sectigo RSA Domain Validation Secure Server CA	`2020-07-14` - `2022-07-29`	2 years	crt.sh
*.s.adsco.re Sectigo RSA Domain Validation Secure Server CA	`2020-07-14` - `2022-07-29`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
displayvertising.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-19` - `2022-07-22`	2 years	crt.sh
blockadsnot.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-19` - `2022-07-22`	2 years	crt.sh
zuphaims.com Let's Encrypt Authority X3	`2020-11-23` - `2021-02-21`	3 months	crt.sh
onmarshtompor.com R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.adsrv.eacdn.com DigiCert SHA2 Secure Server CA	`2019-08-12` - `2021-08-12`	2 years	crt.sh
*.betwaypartnersafrica.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-28` - `2022-05-28`	2 years	crt.sh
developer.paysafe.com DigiCert SHA2 Secure Server CA	`2020-04-02` - `2021-04-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://9japayforum.com/
Frame ID: EC5497BD3042FC470D798EF69DB751E1
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210113/r20190131/zrt_lookup.html
Frame ID: 4DC19B437BDD62F9C91C87701B07D4F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5036388582547699&output=html&adk=1812271804&adf=2578278456&lmt=1611220729&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2F9japayforum.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611220729913&bpp=11&bdt=110&idt=119&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1130662902470&frm=20&pv=2&ga_vid=1719059796.1611220730&ga_sid=1611220730&ga_hid=1425310823&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068785%2C21069710&oid=3&pvsid=1887569462994966&pem=96&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=136
Frame ID: 25F53424FB62AB4E334C2D7D376DA5CD
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: CC8B65629C61B655D9216F7780775F96
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: E0E45443675D62B6D252035D838F0A5B
Requests: 1 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php
Frame ID: DE637BF1F28A9E6C912A37D7F32B9E66
Requests: 1 HTTP requests in this frame

Frame: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_983c_&affid=8724&siteid=151963&adid=983&c=
Frame ID: AF1470648291C5DBF6B26F3BFECEE786
Requests: 4 HTTP requests in this frame

Frame: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_983c_&affid=8724&siteid=151963&adid=983&c=
Frame ID: 97E44243DF598AF42E8C6281A3857DD2
Requests: 4 HTTP requests in this frame

Frame: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_1002c_&affid=8724&siteid=151963&adid=1002&c=
Frame ID: 867AFEFC64B3B445790A2756A1612533
Requests: 4 HTTP requests in this frame

Frame: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_1001c_&affid=8724&siteid=151963&adid=1001&c=
Frame ID: BC26912F81A2C9D6819C2B4DBA7EA708
Requests: 4 HTTP requests in this frame

Frame: https://secure.betwaypartnersafrica.com/mediahandler/btag-P59113-PR23702-CM66445-TS192917/
Frame ID: 27C64C8A635C741F0E878FB19237F4BA
Requests: 2 HTTP requests in this frame

Frame: https://wlbet9ja.adsrv.eacdn.com/T.ashx?btag=a_151963b_1001c_&affid=8724&siteid=151963&adid=1001&c=&t=637468175324830000&MediaID=2550&MediaIndex=0&XYZ=120%261%26188%26%26%26%260%260%26%26
Frame ID: 1968748981FEFD28D5FB36D65B526BA5
Requests: 1 HTTP requests in this frame

Frame: https://wlbet9ja.adsrv.eacdn.com/T.ashx?btag=a_151963b_983c_&affid=8724&siteid=151963&adid=983&c=&t=637468175325190000&MediaID=2453&MediaIndex=0&XYZ=120%261%26188%26%26%26%260%260%26%26
Frame ID: 54456CEC407E3F460FAC538C09793E9A
Requests: 1 HTTP requests in this frame

Frame: https://wlbet9ja.adsrv.eacdn.com/T.ashx?btag=a_151963b_983c_&affid=8724&siteid=151963&adid=983&c=&t=637468175325400000&MediaID=2453&MediaIndex=0&XYZ=120%261%26188%26%26%26%260%260%26%26
Frame ID: 1F9EFFD0D5937E65680B8A1F3E46BDDC
Requests: 1 HTTP requests in this frame

Frame: https://wlbet9ja.adsrv.eacdn.com/T.ashx?btag=a_151963b_1002c_&affid=8724&siteid=151963&adid=1002&c=&t=637468175325420000&MediaID=2522&MediaIndex=0&XYZ=120%261%26188%26%26%26%260%260%26%26
Frame ID: 489898DFA6CDAF76C138E0E929657EB8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: D274D4A3BB8F0228818B58876552286C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://9japayforum.com/ HTTP 301
https://9japayforum.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

102
Requests

100 %
HTTPS

47 %
IPv6

21
Domains

40
Subdomains

30
IPs

8
Countries

1674 kB
Transfer

3028 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://adsco.re/v
Title:

Search URL Search Domain Scan URL

URL: https://wa.me/2348135853520?text=Hello%Sir
Title: ZAGtech.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://9japayforum.com/ HTTP 301
https://9japayforum.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

102 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
9japayforum.com/
Redirect Chain

http://9japayforum.com/
https://9japayforum.com/

87 KB
29 KB

2024ms
1709ms

Document
text/html

162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 52416ee5eb58f94aa08f3fcbb9ca1655f8791f6e710be575d2bdd868660c8fb4

Request headers

:method: GET
:authority: 9japayforum.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:48 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://9japayforum.com/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
vary: Accept-Encoding
set-cookie: PHPSESSID=64e0d4818c409d9537276ab34432de8c; path=/ pmpro_visit=1; path=/
last-modified: Thu, 21 Jan 2021 09:18:49 GMT
accept-ranges: none
referrer-policy: no-referrer-when-downgrade
content-type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 21 Jan 2021 09:18:47 GMT
Server: Apache
Location: https://9japayforum.com/
Content-Length: 232
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 code.min.js Show response
media.aso1.net/js/ 14 KB
6 KB 78ms
30ms Script
application/javascript 104.21.234.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.aso1.net/js/code.min.js
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed767116f129db10ccc72415853371ae40badbc870941b5630081268d42e3d1

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 263038
cf-ray: 614ff339ae00c863-AMS
cf-request-id: 07c5d658060000c863779fd000000001
last-modified: Mon, 18 Jan 2021 07:59:31 GMT
server: cloudflare
etag: W/"60053fe3-39af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=noH40eKb94jhUYOBCDU2lXS3Qzx7otbu0AiKkPYfx6P%2FVH2PEo%2B71Ho3XDfsYQqUY0Drl%2BQG3gZJqcOuvQCmazqFBm8Cjl4dd6RG2FZ2wQ%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=86400
x-robots-tag: noindex, nofollow, noarchive, noimageindex
expires: Tue, 19 Jan 2021 08:14:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 58ms
51ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 9japayforum.com
URL: https://9japayforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c685db1a28aa02aa1b43f51d4a85e823a140760be641d58559ee796a3739ff2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47567
x-xss-protection: 0
server: cafe
etag: 506700201699315331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Jan 2021 09:18:49 GMT

GET
H2 200 fork-awesome.css
forkaweso.me/Fork-Awesome/assets/fork-awesome/css/ 41 KB
9 KB 57ms
16ms Stylesheet
text/css 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://forkaweso.me/Fork-Awesome/assets/fork-awesome/css/fork-awesome.css
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 24484da7e3b6e24d7f511fb83ace7849eb54ffaba0050b03bb097272478de5a0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: e8ddfd8c8d4de2ffc833baf0d4f502824064d91c
date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
age: 197
x-cache: HIT
content-length: 8862
x-served-by: cache-ams21054-AMS
access-control-allow-origin: *
last-modified: Thu, 28 Feb 2019 15:31:28 GMT
server: GitHub.com
x-github-request-id: E3C6:8E85:DE5EE:F22A8:600903FA
x-timer: S1611220730.854169,VS0,VE1
etag: W/"5c77fed0-a3ba"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Thu, 21 Jan 2021 04:42:59 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 formidableforms.css
9japayforum.com/wp-content/plugins/formidable/css/ 58 KB
10 KB 468ms
462ms Stylesheet
text/css 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/plugins/formidable/css/formidableforms.css?ver=12271823
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: a8a412a4899b6b9dc849c0f13b043c2e9db7351988455f08d879f14487806767

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 27 Dec 2020 18:23:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 10140
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 style.min.css
9japayforum.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 184ms
178ms Stylesheet
text/css 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Dec 2020 22:51:40 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 7855
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 main_public.min.css
9japayforum.com/wp-content/plugins/indeed-affiliate-pro/assets/css/ 61 KB
11 KB 465ms
460ms Stylesheet
text/css 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/plugins/indeed-affiliate-pro/assets/css/main_public.min.css?ver=5.6
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: dc5b73ad1844c1c4df30f332691248d8fe7ed2b9b8baf8939ec0712070b1aadb

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 27 Dec 2020 18:17:56 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 10985
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 templates.min.css
9japayforum.com/wp-content/plugins/indeed-affiliate-pro/assets/css/ 153 KB
15 KB 461ms
455ms Stylesheet
text/css 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/plugins/indeed-affiliate-pro/assets/css/templates.min.css?ver=5.6
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 26c81daf5459fc378ff520b4bc202e58e5ecdeef94f9e94a54a7be5a54d807f8

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 27 Dec 2020 18:17:56 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 15273
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 style.css
9japayforum.com/wp-content/plugins/indeed-membership-pro/assets/css/ 57 KB
11 KB 602ms
597ms Stylesheet
text/css 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/plugins/indeed-membership-pro/assets/css/style.css?ver=5.6
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: a17dbd7c9448b529e758228ce60788a723429fe3e8878823b881d510f4c09ed6

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 30 Dec 2020 12:25:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 10659
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 templates.min.css
9japayforum.com/wp-content/plugins/indeed-membership-pro/assets/css/ 182 KB
17 KB 605ms
600ms Stylesheet
text/css 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/plugins/indeed-membership-pro/assets/css/templates.min.css?ver=1.1
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: c57d4000485990fe74ebbfb71bc5d89dc0b41ce839d48476f188c0e8218150e6

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 30 Dec 2020 12:25:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 17109
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 frontend.css
9japayforum.com/wp-content/plugins/paid-memberships-pro/css/ 13 KB
3 KB 466ms
460ms Stylesheet
text/css 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/plugins/paid-memberships-pro/css/frontend.css?ver=2.2.5
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 91cb3ee6bfa57aedea2c726431d5db1b9521a4983b752ab253bd1faa50ee96b5

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Jan 2021 16:36:31 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 2671
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 css1.css
9japayforum.com/wp-content/themes/assets-1/assets/css/ 28 KB
6 KB 324ms
319ms Stylesheet
text/css 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/themes/assets-1/assets/css/css1.css?ver=5.6
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 3d34fd07448eaf55a792228adf2e63d411a1ab22d21563717d81fce843cc40b4

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 24 Dec 2020 09:22:12 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 5971
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 31ms
11ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.6

Requested by

Host: 9japayforum.com
URL: https://9japayforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 flexible.css
9japayforum.com/wp-content/themes/assets-1/assets/css/ 0
200 B 466ms
461ms Stylesheet
text/css 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/themes/assets-1/assets/css/flexible.css?ver=5.6
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 24 Dec 2020 09:22:12 GMT
server: Apache
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 0
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 mycred-front.css
9japayforum.com/wp-content/plugins/mycred/assets/css/ 485 B
510 B 601ms
596ms Stylesheet
text/css 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/plugins/mycred/assets/css/mycred-front.css?ver=2.0.1
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 21cd68319342807431fb3e0261bdc3e070158c7e91d9a24b58b372c03cf237c6

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 27 Dec 2020 18:08:12 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 254
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 jetpack.css
9japayforum.com/wp-content/plugins/jetpack/css/ 75 KB
14 KB 320ms
316ms Stylesheet
text/css 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.2.1
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 7772a9cc35fc902c0cccb8871670ec3e45e4695e1bc6941aee1c24db3de8c544

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Dec 2020 21:20:07 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 13695
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 jquery.min.js Show response
9japayforum.com/wp-includes/js/jquery/ 87 KB
30 KB 730ms
726ms Script
application/x-javascript 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Oct 2020 02:03:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: none
content-length: 30916
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 jquery-migrate.min.js Show response
9japayforum.com/wp-includes/js/jquery/ 11 KB
4 KB 604ms
600ms Script
application/x-javascript 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Nov 2020 20:01:14 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: none
content-length: 4169
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 public-functions.min.js Show response
9japayforum.com/wp-content/plugins/indeed-affiliate-pro/assets/js/ 11 KB
3 KB 599ms
596ms Script
application/x-javascript 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/plugins/indeed-affiliate-pro/assets/js/public-functions.min.js?ver=1.1
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: cf0ef74df0047300619cd59bf24a374946c4bb1127f43ea44017d8327aebb4a7

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 27 Dec 2020 18:17:56 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: none
content-length: 3037
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 jquery-ui.min.js Show response
9japayforum.com/wp-content/plugins/indeed-membership-pro/assets/js/ 22 KB
7 KB 178ms
175ms Script
application/x-javascript 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/plugins/indeed-membership-pro/assets/js/jquery-ui.min.js
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 09048375605c2c8021cba2eeec7245ce4edcd4beb6b63a8d17795cfdcfc8491b

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 30 Dec 2020 12:25:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: none
content-length: 6775
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 functions.min.js Show response
9japayforum.com/wp-content/plugins/indeed-membership-pro/assets/js/ 14 KB
4 KB 603ms
599ms Script
application/x-javascript 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/plugins/indeed-membership-pro/assets/js/functions.min.js?ver=1.3
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: aa05940f23849102869e498221fe5c626fabf0799b2128378cda800b5a412036

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 30 Dec 2020 12:25:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: none
content-length: 3531
expires: Fri, 21 Jan 2022 09:18:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 27ms
24ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-168249144-1

Requested by

Host: 9japayforum.com
URL: https://9japayforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca6d918a31b34a988863101c7d29eb2801012363a1eadc959019e86dcb571d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39560
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Jan 2021 09:18:49 GMT

GET
H2 200 9japayforum.jpg
9japayforum.com/wp-content/uploads/2020/12/ 915 KB
915 KB 270ms
269ms Image
image/jpeg 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9japayforum.com/wp-content/uploads/2020/12/9japayforum.jpg
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 4b9e91c168b1ee3370c495b1bae8a8d24de4ff8ebc2eb41868986e89350d0428

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 29 Dec 2020 16:50:47 GMT
server: Apache
etag: "e4a85-5b79d3144a51f"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 936581
expires: Fri, 21 Jan 2022 09:18:50 GMT

GET
H2 404 adspc.js
9japayforum.com/ 0
0 1590ms
1589ms Script
text/html 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/adspc.js
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:50 GMT
referrer-policy: no-referrer-when-downgrade
server: Apache
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://9japayforum.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 main.js Show response
9japayforum.com/wp-content/themes/assets-1/js/ 1 KB
737 B 699ms
697ms Script
application/x-javascript 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/themes/assets-1/js/main.js
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 971583f394afc5b1c43dc8c01722e24bf64cd4b940ec52cb37d58ac826cbdaa2

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Jan 2021 17:37:24 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: none
content-length: 465
expires: Fri, 21 Jan 2022 09:18:50 GMT

GET
H2 200 interact.min.js Show response
www.displayvertising.com/ 31 KB
9 KB 107ms
32ms Script
application/x-javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://www.displayvertising.com/interact.min.js
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e249d9018f738d7454578572055023e718d5fb3cd1388db9a985bb8ca938a1ae

Request headers

Origin: https://9japayforum.com
Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1rzLwQ/nveIwEAA==
date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: br
server: CDN77-Turbo
link: <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
x-edge-pop: frankfurtDE
x-77-nzt-ray: utXoCckqpZo=
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-edge-ip: 195.181.175.50
x-age: 298104
alt-svc: quic="195.181.175.50:443"; ma=2592000; v="44,43,39"
expires: Sun, 24 Jan 2021 22:30:25 GMT

GET
H2 200 date.min.js Show response
www.blockadsnot.com/ 31 KB
9 KB 123ms
32ms Script
application/x-javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blockadsnot.com/date.min.js
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2f13932bc8ded5f03ef9230a04bd4d5579b79e3ed3fee39d29d42c214c346add

Request headers

Origin: https://9japayforum.com
Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: br
x-edge-pop: frankfurtDE
x-77-cache: HIT
x-cache: HIT
x-age: 93147
alt-svc: quic="195.181.175.44:443"; ma=2592000; v="44,43,39"
x-77-nzt: AcO1ryxrdGXv22sBAA==
server: CDN77-Turbo
x-77-nzt-ray: Mn6m3M3MCaU=
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-edge-ip: 195.181.175.44
link: <https://blockadsnot.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires: Wed, 27 Jan 2021 07:26:22 GMT

GET
H2 200 wp-embed.min.js Show response
9japayforum.com/wp-includes/js/ 1 KB
1 KB 161ms
159ms Script
application/x-javascript 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-includes/js/wp-embed.min.js?ver=5.6
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 26 Oct 2019 09:47:08 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: none
content-length: 769
expires: Fri, 21 Jan 2022 09:18:50 GMT

GET
H2 200 e-202103.js Show response
stats.wp.com/ 9 KB
3 KB 44ms
14ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202103.js
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams
date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Mon, 10 Jan 2022 00:11:33 GMT

GET
H2 200 wp-emoji-release.min.js Show response
9japayforum.com/wp-includes/js/ 14 KB
5 KB 573ms
573ms Script
application/x-javascript 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Oct 2020 02:25:24 GMT
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: none
content-length: 4671
expires: Fri, 21 Jan 2022 09:18:50 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/ 228 KB
85 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61bef528f51b67951802ce74eedb99dda7b476671a1cacef80c4a8fe0a5633ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87099
x-xss-protection: 0
server: cafe
etag: 6583541633825610200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jan 2021 09:18:49 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210113/r20190131/ Frame 4DC1 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210113/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210113/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9japayforum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://9japayforum.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 21 Jan 2021 02:52:04 GMT
expires: Thu, 04 Feb 2021 02:52:04 GMT
content-type: text/html; charset=UTF-8
etag: 12197657918578843409
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4751
x-xss-protection: 0
age: 23205
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
263 B 55ms
54ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=9japayforum.com&callback=_gfp_s_&client=ca-pub-5036388582547699

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

57595e352f7fb9741b010ff3632b4911c1232c8cd908f35a122cf1be213d43f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 42ms
41ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=9japayforum.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 41ms
40ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=9japayforum.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 25F5 0
0 53ms
52ms Document
text/html 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5036388582547699&output=html&adk=1812271804&adf=2578278456&lmt=1611220729&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2F9japayforum.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611220729913&bpp=11&bdt=110&idt=119&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1130662902470&frm=20&pv=2&ga_vid=1719059796.1611220730&ga_sid=1611220730&ga_hid=1425310823&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068785%2C21069710&oid=3&pvsid=1887569462994966&pem=96&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=136

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5036388582547699&output=html&adk=1812271804&adf=2578278456&lmt=1611220729&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2F9japayforum.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611220729913&bpp=11&bdt=110&idt=119&shv=r20210113&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1130662902470&frm=20&pv=2&ga_vid=1719059796.1611220730&ga_sid=1611220730&ga_hid=1425310823&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068785%2C21069710&oid=3&pvsid=1887569462994966&pem=96&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9japayforum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://9japayforum.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 21 Jan 2021 09:18:50 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 21-Jan-2021 09:33:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 21 Jan 2021 09:18:50 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

080da30aa445e67edb9fa3673bf91badd76a12ec0457d3d4d098bf48f62dc7cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1610714114181599"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28294
x-xss-protection: 0
expires: Thu, 21 Jan 2021 09:18:50 GMT

GET
H2 200 / Show response
c.adsco.re/ 37 KB
12 KB 45ms
15ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.displayvertising.com
URL: https://www.displayvertising.com/interact.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efa168aea8792f95139e4ad98344b89fd16f6a0f2444aac33a33121db774281e

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 117449
etag: W/"dOXpo7olgm4LQxe6HLwxaw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=2678400
cf-ray: 614ff33b08344a80-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cf-request-id: 07c5d658e700004a80488a1000000001
expires: Sun, 21 Feb 2021 09:18:50 GMT

GET
H2 200 /
6.adsco.re/ 0
129 B 40ms
22ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://9japayforum.com
Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://9japayforum.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 614ff33b4eeb4a68-FRA
access-control-allow-headers: Content-Type
cf-request-id: 07c5d6590a00004a683c1f3000000001

GET
H/1.1 200
OK /
4.adsco.re/ 0
463 B 300ms
245ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://9japayforum.com
Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 09:18:50 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://9japayforum.com
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

POST
H/1.1 200
OK p Show response
adsco.re/ 0
417 B 296ms
243ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 21 Jan 2021 09:18:50 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: https://9japayforum.com
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
4.adsco.re/ 47 B
463 B 290ms
242ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 7444d2aaa73be33c9f16f41b46592d3e1d4b60b87ec35981782582f9e1b94862

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 09:18:50 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://9japayforum.com
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
6.adsco.re/ 53 B
408 B 32ms
20ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://9japayforum.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 614ff33b4ee84a68-FRA
access-control-allow-headers: Content-Type
cf-request-id: 07c5d6590a00004a68fcb9f000000001

POST
H/1.1 200
OK /
niaiqhbt63bl.l.adsco.re/ 0
464 B 105ms
44ms Other
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://niaiqhbt63bl.l.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 21 Jan 2021 09:18:50 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
niaiqhbt63bl.n.adsco.re/ 0
464 B 352ms
89ms Other
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://niaiqhbt63bl.n.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 21 Jan 2021 09:18:50 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
niaiqhbt63bl.s.adsco.re/ 0
464 B 774ms
182ms Other
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://niaiqhbt63bl.s.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 21 Jan 2021 09:18:50 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H2 200 /
c.adsco.re/ Frame CC8B 0
0 20ms
18ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: c.adsco.re
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9japayforum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://9japayforum.com/

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-type: text/html
cache-control: public, max-age=2678400
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires: Sun, 21 Feb 2021 09:18:50 GMT
etag: W/"dOXpo7olgm4LQxe6HLwxaw=="
cf-cache-status: HIT
age: 117449
cf-request-id: 07c5d6590600004a80ebb20000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 614ff33b38ea4a80-FRA
content-encoding: br

POST
H/1.1 200
OK p Show response
adsco.re/ 0
417 B 63ms
25ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 21 Jan 2021 09:18:50 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: https://9japayforum.com
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
4.adsco.re/ 47 B
463 B 58ms
26ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 7444d2aaa73be33c9f16f41b46592d3e1d4b60b87ec35981782582f9e1b94862

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 09:18:50 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://9japayforum.com
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
6.adsco.re/ 53 B
129 B 12ms
11ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://9japayforum.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 614ff33c09d04a68-FRA
access-control-allow-headers: Content-Type
cf-request-id: 07c5d6598900004a6845b2a000000001

POST
H/1.1 200
OK /
csynztnvxxxy.l.adsco.re/ 0
464 B 117ms
21ms Other
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://csynztnvxxxy.l.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 21 Jan 2021 09:18:50 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
csynztnvxxxy.n.adsco.re/ 0
464 B 352ms
89ms Other
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://csynztnvxxxy.n.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 21 Jan 2021 09:18:50 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
csynztnvxxxy.s.adsco.re/ 0
464 B 779ms
181ms Other
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://csynztnvxxxy.s.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 21 Jan 2021 09:18:50 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H2 200 /
c.adsco.re/ Frame E0E4 0
0 20ms
20ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: c.adsco.re
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9japayforum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://9japayforum.com/

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-type: text/html
cache-control: public, max-age=2678400
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires: Sun, 21 Feb 2021 09:18:50 GMT
etag: W/"dOXpo7olgm4LQxe6HLwxaw=="
cf-cache-status: HIT
age: 117449
cf-request-id: 07c5d6598c00004a80fcb8d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 614ff33c1b6d4a80-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 8 KB
837 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:100,400,300,500,600,700

Requested by

Host: 9japayforum.com
URL: https://9japayforum.com/wp-content/plugins/indeed-affiliate-pro/assets/css/main_public.min.css?ver=5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c79f45aa72da8267dd5abcffe78bfd8fbc9add544bbccf6db01d5b6f54e1c7d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/wp-content/plugins/indeed-affiliate-pro/assets/css/main_public.min.css?ver=5.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 09:17:25 GMT
server: ESF
date: Thu, 21 Jan 2021 09:18:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jan 2021 09:18:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
673 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:100,400,300,600,700

Requested by

Host: 9japayforum.com
URL: https://9japayforum.com/wp-content/plugins/indeed-affiliate-pro/assets/css/main_public.min.css?ver=5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2d9f7b4cdfab62137c57352c9687733f5fa9de2c3ab438fda2cd5b51d3d82f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/wp-content/plugins/indeed-affiliate-pro/assets/css/main_public.min.css?ver=5.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 09:18:50 GMT
server: ESF
date: Thu, 21 Jan 2021 09:18:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jan 2021 09:18:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
876 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,600,700

Requested by

Host: 9japayforum.com
URL: https://9japayforum.com/wp-content/plugins/indeed-affiliate-pro/assets/css/main_public.min.css?ver=5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4a4bc9bcb9b4687ab0d2439605e8c84fb9bdb3c08813c308a4bc99b8cf3fbec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/wp-content/plugins/indeed-affiliate-pro/assets/css/main_public.min.css?ver=5.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 09:09:18 GMT
server: ESF
date: Thu, 21 Jan 2021 09:18:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jan 2021 09:18:50 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 5 KB
641 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,700

Requested by

Host: 9japayforum.com
URL: https://9japayforum.com/wp-content/plugins/indeed-membership-pro/assets/css/templates.min.css?ver=1.1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f484d50f9789c64144eafa192077fdde1968b8010fa826ce74c4c50d17656e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/wp-content/plugins/indeed-membership-pro/assets/css/templates.min.css?ver=1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 08:04:14 GMT
server: ESF
date: Thu, 21 Jan 2021 09:18:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jan 2021 09:18:50 GMT

POST
H/1.1 200
OK p Show response
adsco.re/ 362 B
856 B 45ms
45ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: f0acf3c46e97d555ae8528d099af2d8a1b4e80ff7b9a89498c9996fc6c84d1f4

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Thu, 21 Jan 2021 09:18:50 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: https://9japayforum.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H2 200 print.css
9japayforum.com/wp-content/plugins/paid-memberships-pro/css/ 86 B
352 B 554ms
553ms Stylesheet
text/css 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://9japayforum.com/wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.2.5
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 914cb6fe13efdf97379c1a2910d677144821201ff3f41b67a5a6ddb367e1a27b

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Jan 2021 16:36:31 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: none
content-length: 97
expires: Fri, 21 Jan 2022 09:18:50 GMT

GET
H2 200 background.png
9japayforum.com/wp-content/themes/assets-1/img/ 215 B
448 B 538ms
538ms Image
image/png 162.0.209.101
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9japayforum.com/wp-content/themes/assets-1/img/background.png
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.209.101 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium169-4.web-hosting.com
Software: Apache /
Resource Hash: 2d480c2a4d2e60877173c55dbb75e2230e0f9fc369b5aad3a3cd4b29801ea734

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 24 Dec 2020 09:22:12 GMT
server: Apache
etag: "d7-5b73257c34c13"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 215
expires: Fri, 21 Jan 2022 09:18:50 GMT

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 23ms
9ms Font
font/woff2 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://9japayforum.com
Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=5.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

POST
H/1.1 200
OK p Show response
adsco.re/ 364 B
858 B 40ms
39ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 66d26b076d1f85c36e90b135645a87caf852bbc3bd9051d9f71427b8cf96472b

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Thu, 21 Jan 2021 09:18:50 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: https://9japayforum.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-168249144-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 7158
date: Thu, 21 Jan 2021 07:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 21 Jan 2021 09:19:32 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
388 B 47ms
13ms XHR
text/plain 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=1425310823&t=pageview&_s=1&dl=https%3A%2F%2F9japayforum.com%2F&ul=en-us&de=UTF-8&dt=9japayforum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=1394958351&gjid=708700470&cid=1719059796.1611220730&tid=UA-168249144-1&_gid=1658314864.1611220731&_r=1&did=dZTNiMT&gtm=2ou1d0&z=1757225050

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://9japayforum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-168249144-1&cid=1719059796.1611220730&jid=1394958351&gjid=708700470&_gid=1658314864.1611220731&_u=IAhAAUAAAAAAAC~&z=2045433857

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Jan 2021 09:18:50 GMT
content-type: text/plain
access-control-allow-origin: https://9japayforum.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-168249144-1&cid=1719059796.1611220730&jid=1394958351&_u=IAhAAUAAAAAAAC~&z=198664112

Requested by

Host: 9japayforum.com
URL: https://9japayforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-168249144-1&cid=1719059796.1611220730&jid=1394958351&_u=IAhAAUAAAAAAAC~&z=198664112

Requested by

Host: 9japayforum.com
URL: https://9japayforum.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xJBip.html Show response
displayvertising.com/ 0
123 B 267ms
225ms Script
application/javascript 216.59.56.9
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://displayvertising.com/xJBip.html?_=BAoAYAlG-gFgCUb6gAGBAsAAIJI_eyJQ6uxdzRQ0tTl5Q8PHyBzyew7YXTWFsTrdkQ97wQBGMEQCIAU2CdoARfnjJU5u6plJ4vMuB3XZ0z8VDB37ZXPtFDh8AiBz8tHiRJZ577_IIIds04PaUNJlD5yQLPXEaKoM7IbEM8IAIBOwzd4fH9bWNwjCTvgQBBmCh7phDCLURdAcsGMCYFjrxAAQKgEE-AEhExoAAAAAAAAAAsUAEIqI0wxeipGt3HjYbSpBzYnDAEcwRQIgLdRYHYl5j_rzpKLo1ljgBR8qAlVrnA0WWYeVA0E15n4CIQC6SdV53gXpWFJ2QTKrTW7byhHcnghIkxZK7PDXBmIaIQ&v=4&yvuRWhMI=4032005&minBid=&RdcrQJjH=0,0&typrnhOi=&KmqLfUhP=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.displayvertising.com
URL: https://www.displayvertising.com/interact.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.9 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
asf: 9
access-control-allow-origin: *
content-type: application/javascript
popads-ec: ASB
cache-control: public, max-age=604800
content-length: 0
expires: Thu, 28 Jan 2021 09:18:50 GMT

GET
H2 200 GXsw.htm Show response
blockadsnot.com/ 0
123 B 271ms
228ms Script
application/javascript 208.95.112.254
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blockadsnot.com/GXsw.htm?_=BAoAYAlG-gFgCUb6gAGBAsAAIJI_eyJQ6uxdzRQ0tTl5Q8PHyBzyew7YXTWFsTrdkQ97wQBIMEYCIQDc5eWH5VTiZJG2vA_avV5fj1K45XZsFvlXDsO9nxcUxgIhANQMNw_NNeIgfuJZKJS5O7uKzJZlkt83WcfBNmAK8HmxwgAgE7DN3h8f1tY3CMJO-BAEGYKHumEMItRF0BywYwJgWOvEABAqAQT4ASETGgAAAAAAAAACxQAQiojTDF6Kka3ceNhtKkHNicMARzBFAiEAolqUSyXqbGYQbSvdBUkDQ4lZ0lb3gQZS6JLplRaqF7sCIFN4t2b9Qop7tDQBEMa7HfXE3k5HiR_pToEjZFb_J90i&v=4&AHsTgiyB=4032005&minBid=&xQtrEYjz=0,0&efvqpTkj=&PUehCBrk=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.blockadsnot.com
URL: https://www.blockadsnot.com/date.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.95.112.254 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:50 GMT
asf: 9
access-control-allow-origin: *
content-type: application/javascript
popads-ec: ASB
cache-control: public, max-age=604800
content-length: 0
expires: Thu, 28 Jan 2021 09:18:50 GMT

GET
H/1.1 200
OK / Show response
zuphaims.com/5/3865197/ 3 KB
2 KB 66ms
19ms XHR
application/json 139.45.195.27
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zuphaims.com/5/3865197/?oo=1
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.195.27 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f568460550838cc1cf8b3f5a4c880ac153048ec4555db6e01d10f15b87a79005

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 1504b0062b19a63db53da9b911bac810
Pragma: no-cache, no-cache
Date: Thu, 21 Jan 2021 09:18:52 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://9japayforum.com
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
zuphaims.com/ 81 KB
22 KB 91ms
44ms Script
application/javascript 139.45.195.27
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zuphaims.com/tag.min.js

Requested by

Host: 9japayforum.com
URL: https://9japayforum.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.27 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 09:18:52 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 21958
X-Trace-Id: 2fc6e7bc0dac87dc5f0c3e56cce2e454
Pragma: no-cache
Last-Modified: Wed, 20 Jan 2021 13:22:37 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 rotor Show response
srv.aso1.net/ 11 KB
2 KB 55ms
43ms Script
application/javascript 104.21.234.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.aso1.net/rotor?data=NnF2ZHV%2FZDtoYXhkfHAgDxEmc1FNP0Ujd3cUE3ofFQcHdS0zNS47NToiPzliNT1fEmEIH1B2BXYkKWgHbjUNUC9hEgFjO39iY2F7Zn5mZQEFdTpLWChebRMIEmQNFnJmFBwNBgkZEGFiAwRtdR1nYmUXGw9xEgVl_ALGREOBSUPJTLVR27SN99K5PRDU6HY05&ver=4.0.4&async=1&zones=%5B%7B%22id%22%3A%2262097%22%2C%22el%22%3A%22_fg7n0%22%7D%2C%7B%22id%22%3A%2262097%22%2C%22el%22%3A%22_fg7n1%22%7D%2C%7B%22id%22%3A%2262093%22%2C%22el%22%3A%22_fg7n2%22%7D%2C%7B%22id%22%3A%2262097%22%2C%22el%22%3A%22_fg7n6%22%7D%2C%7B%22id%22%3A%2262094%22%2C%22el%22%3A%22_fg7n7%22%7D%2C%7B%22id%22%3A%2262095%22%2C%22el%22%3A%22_fg7n8%22%7D%5D&__cb=0.9790897240540493
Requested by: Host: media.aso1.net
URL: https://media.aso1.net/js/code.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41cfd6651174bcf108f11c2c7eab5bdab5709461f5a73191366994168b83835f

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-control: no-store, no-cache, must-revalidate, private, no-cache=Set-Cookie, proxy-revalidate, max-age=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q37gIOP%2B6erlEvPhV4LFMke6MBzViF%2B1MnnGVBo2gckMAHSiAbsICXU4QlRQ%2BmUXjrxZ5p%2Ffw8NDmgCusP01OKwP00%2F66XXKYAmr8Y4%3D"}],"group":"cf-nel"}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: application/javascript
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-ray: 614ff3475921c863-AMS
cf-request-id: 07c5d660960000c8637e108000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 15ms
14ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.2.1&blog=178192445&post=0&tz=0&srv=9japayforum.com&host=9japayforum.com&ref=&fcp=3155&rand=0.2222986059103349
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:52 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 204 wtf.js Show response
track.aso1.net/ 0
334 B 53ms
45ms Script
text/plain 104.21.234.154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.aso1.net/wtf.js?counters=%5B%7B%22aid%22%3A140043%2C%22zid%22%3A62097%7D%2C%7B%22aid%22%3A140043%2C%22zid%22%3A62097%7D%2C%7B%22aid%22%3A140022%2C%22zid%22%3A62093%7D%2C%7B%22aid%22%3A140023%2C%22zid%22%3A62097%7D%2C%7B%22aid%22%3A140601%2C%22zid%22%3A62094%7D%5D&page=%2F%2F9japayforum.com&lang=en-US&_t=1611221032&_h=c5977a67a1c9eb953ab25285b0cc2965251bcd8d&r=6360981506
Requested by: Host: media.aso1.net
URL: https://media.aso1.net/js/code.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M103m0GtqFplmCSG5nZZzCnYpcBTZLFsJ9nHHSC2bg%2BR0HIoOpUAN%2FzAmROD8vgZbqOBpNwFwFqJM6hMvcIsQLoPfb%2B6%2Bf71DVtLFC%2F0UA%3D%3D"}],"group":"cf-nel"}
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, private, no-cache=Set-Cookie, proxy-revalidate, max-age=0
cf-ray: 614ff347a9b8c863-AMS
cf-request-id: 07c5d660cc0000c8637300f000000001
x-robots-tag: noindex, nofollow, noarchive, noimageindex
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content fac.php
onmarshtompor.com/ Frame DE63 0
0 64ms
15ms Document
text/html 139.45.195.94
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php

Requested by

Host: zuphaims.com
URL: https://zuphaims.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.94 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: onmarshtompor.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://9japayforum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://9japayforum.com/

Response headers

Server: nginx
Date: Thu, 21 Jan 2021 09:18:52 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 5f5696776eaa817b2f229ba456a96c62
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK S.ashx Show response
wlbet9ja.adsrv.eacdn.com/ Frame AF14 1 KB
975 B 188ms
104ms Script
text/html 91.92.196.190
SKRILL

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_983c_&affid=8724&siteid=151963&adid=983&c=
Requested by: Host: media.aso1.net
URL: https://media.aso1.net/js/code.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.92.196.190 , United Kingdom, ASN49882 (SKRILL, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 355825e10957fbfb2dbfdd6da37bf99a808007d665f19ea544040ac5050b85fa

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 09:18:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 491

GET
H/1.1 200
OK S.ashx Show response
wlbet9ja.adsrv.eacdn.com/ Frame 97E4 1 KB
975 B 188ms
97ms Script
text/html 91.92.196.190
SKRILL

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_983c_&affid=8724&siteid=151963&adid=983&c=
Requested by: Host: media.aso1.net
URL: https://media.aso1.net/js/code.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.92.196.190 , United Kingdom, ASN49882 (SKRILL, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 355825e10957fbfb2dbfdd6da37bf99a808007d665f19ea544040ac5050b85fa

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 09:18:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 491

GET
H/1.1 200
OK S.ashx Show response
wlbet9ja.adsrv.eacdn.com/ Frame 867A 1 KB
975 B 187ms
71ms Script
text/html 91.92.196.190
SKRILL

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_1002c_&affid=8724&siteid=151963&adid=1002&c=
Requested by: Host: media.aso1.net
URL: https://media.aso1.net/js/code.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.92.196.190 , United Kingdom, ASN49882 (SKRILL, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dd0af4bb05041e2e3a18f5a5ea6c65de5b28dc8c0b20af78137263c5f5e38f2a

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 09:18:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 491

GET
H/1.1 200
OK S.ashx Show response
wlbet9ja.adsrv.eacdn.com/ Frame BC26 1 KB
975 B 187ms
72ms Script
text/html 91.92.196.190
SKRILL

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_1001c_&affid=8724&siteid=151963&adid=1001&c=
Requested by: Host: media.aso1.net
URL: https://media.aso1.net/js/code.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.92.196.190 , United Kingdom, ASN49882 (SKRILL, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1876f22ddac03b125dd65512fa652f5098300b4976e6a89b7d64428fa8853426

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 09:18:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 491

GET
H/1.1 200
OK / Show response
secure.betwaypartnersafrica.com/mediahandler/btag-P59113-PR23702-CM66445-TS192917/ Frame 27C6 253 B
905 B 890ms
793ms Script
text/html 193.169.206.226
OTR-A

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.betwaypartnersafrica.com/mediahandler/btag-P59113-PR23702-CM66445-TS192917/
Requested by: Host: media.aso1.net
URL: https://media.aso1.net/js/code.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.169.206.226 , United Kingdom, ASN36983 (OTR-A, ZA),
Reverse DNS: secure.betway.partners
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9eca7f1de5ce81ede32974df10bfc400e32ea011154482384112f94f7664e5a7

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 09:18:52 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 21 Jan 2021 10:18:51 GMT
Cache-Control: private
Transfer-Encoding: chunked
X-UA-Compatible: IE=edge

GET
H2 200 s.5.6.min.js Show response
wlbet9ja.eacdn.com/TrafficOpt/ Frame AF14 7 KB
3 KB 104ms
42ms Script
application/javascript 104.111.230.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: wlbet9ja.adsrv.eacdn.com
URL: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_983c_&affid=8724&siteid=151963&adid=983&c=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2016 16:08:31 GMT
server: nginx
etag: "56fbf9ff-1a7b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes
content-length: 2874
expires: Thu, 21 Jan 2021 09:18:52 GMT

GET
H2 200 Ad_983.js Show response
wlbet9ja.eacdn.com/wlbet9ja/img/js/ Frame AF14 692 B
903 B 169ms
107ms Script
application/javascript 104.111.230.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.eacdn.com/wlbet9ja/img/js/Ad_983.js?t=2021012110
Requested by: Host: wlbet9ja.adsrv.eacdn.com
URL: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_983c_&affid=8724&siteid=151963&adid=983&c=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9d3e2c1baf48ca29f834e2527023f81958498faeabbc8a0ae2d0e2474f31cf1f

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
last-modified: Thu, 26 Nov 2020 21:00:08 GMT
server: nginx
etag: "5fc01758-2b4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 692
expires: Thu, 21 Jan 2021 09:18:52 GMT

GET
H2 200 s.5.6.min.js Show response
wlbet9ja.eacdn.com/TrafficOpt/ Frame 97E4 7 KB
3 KB 105ms
46ms Script
application/javascript 104.111.230.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: wlbet9ja.adsrv.eacdn.com
URL: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_983c_&affid=8724&siteid=151963&adid=983&c=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2016 16:08:31 GMT
server: nginx
etag: "56fbf9ff-1a7b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes
content-length: 2874
expires: Thu, 21 Jan 2021 09:18:52 GMT

GET
H2 200 Ad_983.js Show response
wlbet9ja.eacdn.com/wlbet9ja/img/js/ Frame 97E4 692 B
903 B 186ms
127ms Script
application/javascript 104.111.230.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.eacdn.com/wlbet9ja/img/js/Ad_983.js?t=2021012110
Requested by: Host: wlbet9ja.adsrv.eacdn.com
URL: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_983c_&affid=8724&siteid=151963&adid=983&c=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9d3e2c1baf48ca29f834e2527023f81958498faeabbc8a0ae2d0e2474f31cf1f

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
last-modified: Thu, 26 Nov 2020 21:00:08 GMT
server: nginx
etag: "5fc01758-2b4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 692
expires: Thu, 21 Jan 2021 09:18:52 GMT

GET
H2 200 s.5.6.min.js Show response
wlbet9ja.eacdn.com/TrafficOpt/ Frame 867A 7 KB
3 KB 106ms
47ms Script
application/javascript 104.111.230.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: wlbet9ja.adsrv.eacdn.com
URL: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_1002c_&affid=8724&siteid=151963&adid=1002&c=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2016 16:08:31 GMT
server: nginx
etag: "56fbf9ff-1a7b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes
content-length: 2874
expires: Thu, 21 Jan 2021 09:18:52 GMT

GET
H2 200 Ad_1002.js Show response
wlbet9ja.eacdn.com/wlbet9ja/img/js/ Frame 867A 722 B
932 B 186ms
128ms Script
application/javascript 104.111.230.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.eacdn.com/wlbet9ja/img/js/Ad_1002.js?t=2021012110
Requested by: Host: wlbet9ja.adsrv.eacdn.com
URL: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_1002c_&affid=8724&siteid=151963&adid=1002&c=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1d51fb29ce57e732bef4c2a92bc0fc74e4081c648c814f214985eae6314c49db

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
last-modified: Wed, 20 Jan 2021 12:08:50 GMT
server: nginx
etag: "60081d52-2d2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 722
expires: Thu, 21 Jan 2021 09:18:52 GMT

GET
H2 200 s.5.6.min.js Show response
wlbet9ja.eacdn.com/TrafficOpt/ Frame BC26 7 KB
3 KB 111ms
53ms Script
application/javascript 104.111.230.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by: Host: wlbet9ja.adsrv.eacdn.com
URL: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_1001c_&affid=8724&siteid=151963&adid=1001&c=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2016 16:08:31 GMT
server: nginx
etag: "56fbf9ff-1a7b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache
accept-ranges: bytes
content-length: 2874
expires: Thu, 21 Jan 2021 09:18:52 GMT

GET
H2 200 Ad_1001.js Show response
wlbet9ja.eacdn.com/wlbet9ja/img/js/ Frame BC26 723 B
934 B 127ms
70ms Script
application/javascript 104.111.230.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.eacdn.com/wlbet9ja/img/js/Ad_1001.js?t=2021012110
Requested by: Host: wlbet9ja.adsrv.eacdn.com
URL: https://wlbet9ja.adsrv.eacdn.com/S.ashx?btag=a_151963b_1001c_&affid=8724&siteid=151963&adid=1001&c=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cca19f8f1f44567d478601dc7b90d1a3b56f9fcede31f49b9707acfedea7989c

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
last-modified: Wed, 20 Jan 2021 12:08:13 GMT
server: nginx
etag: "60081d2d-2d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 723
expires: Thu, 21 Jan 2021 09:18:52 GMT

GET
H/1.1 200
OK Cookie set T.ashx
wlbet9ja.adsrv.eacdn.com/ Frame 1968 0
0 105ms
37ms Document
text/plain 91.92.196.190
SKRILL

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.adsrv.eacdn.com/T.ashx?btag=a_151963b_1001c_&affid=8724&siteid=151963&adid=1001&c=&t=637468175324830000&MediaID=2550&MediaIndex=0&XYZ=120%261%26188%26%26%26%260%260%26%26
Requested by: Host: wlbet9ja.eacdn.com
URL: https://wlbet9ja.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.92.196.190 , United Kingdom, ASN49882 (SKRILL, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host: wlbet9ja.adsrv.eacdn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://9japayforum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://9japayforum.com/

Response headers

Cache-Control: private
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: XYZ=120&1&188&&&&0&1&&50c2b8e6-1af6-4914-9ec7-3bbde1e34503&a_151963b_1001&&; expires=Wed, 21-Apr-2021 08:18:52 GMT; path=/; SameSite=None; Secure A_1001=a=1001&r=0&fv=20210121&lv=20210121091852&vc=1&fc=0&lc=0&cc=0; expires=Wed, 21-Apr-2021 08:18:52 GMT; path=/; SameSite=None; Secure CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
Date: Thu, 21 Jan 2021 09:18:52 GMT
Connection: close
Content-Length: 0

GET
H2 200 ce9a0dd6-af99-4031-84f1-af4e514ddf30.jpg
wlbet9ja.eacdn.com/wlbet9ja/img/ Frame BC26 49 KB
50 KB 37ms
36ms Image
image/jpeg 104.111.230.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wlbet9ja.eacdn.com/wlbet9ja/img/ce9a0dd6-af99-4031-84f1-af4e514ddf30.jpg
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1d9e1e996cf0a776086b017411117923b4f328e5a59a9e7e8ae422734be8f64a

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
last-modified: Wed, 20 Jan 2021 12:06:12 GMT
server: nginx
etag: "60081cb4-c5d9"
content-type: image/jpeg
cache-control: max-age=0, no-cache
accept-ranges: bytes
content-length: 50649
expires: Thu, 21 Jan 2021 09:18:52 GMT

GET
H/1.1 200
OK Cookie set T.ashx
wlbet9ja.adsrv.eacdn.com/ Frame 5445 0
0 95ms
28ms Document
text/plain 91.92.196.190
SKRILL

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.adsrv.eacdn.com/T.ashx?btag=a_151963b_983c_&affid=8724&siteid=151963&adid=983&c=&t=637468175325190000&MediaID=2453&MediaIndex=0&XYZ=120%261%26188%26%26%26%260%260%26%26
Requested by: Host: wlbet9ja.eacdn.com
URL: https://wlbet9ja.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.92.196.190 , United Kingdom, ASN49882 (SKRILL, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host: wlbet9ja.adsrv.eacdn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://9japayforum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://9japayforum.com/

Response headers

Cache-Control: private
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: XYZ=120&1&188&&&&0&1&&3ce8cfe8-8823-4472-84f5-0cad1e237258&a_151963b_983&&; expires=Wed, 21-Apr-2021 08:18:52 GMT; path=/; SameSite=None; Secure A_983=a=983&r=0&fv=20210121&lv=20210121091852&vc=1&fc=0&lc=0&cc=0; expires=Wed, 21-Apr-2021 08:18:52 GMT; path=/; SameSite=None; Secure CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
Date: Thu, 21 Jan 2021 09:18:52 GMT
Connection: close
Content-Length: 0

GET
H2 200 397ac7e3-ecfb-4381-a1e3-ee75a85ce706.gif
wlbet9ja.eacdn.com/wlbet9ja/img/ Frame AF14 39 KB
39 KB 35ms
35ms Image
image/gif 104.111.230.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wlbet9ja.eacdn.com/wlbet9ja/img/397ac7e3-ecfb-4381-a1e3-ee75a85ce706.gif
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd54862dd51cbaaf186e04f40f07b10caa5db43dfbb5a0be73a22830e6b9152b

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
last-modified: Wed, 04 Nov 2020 13:08:14 GMT
server: nginx
etag: "5fa2a7be-9cd3"
content-type: image/gif
cache-control: max-age=0, no-cache
accept-ranges: bytes
content-length: 40147
expires: Thu, 21 Jan 2021 09:18:52 GMT

GET
H2 200 397ac7e3-ecfb-4381-a1e3-ee75a85ce706.gif
wlbet9ja.eacdn.com/wlbet9ja/img/ Frame 97E4 39 KB
39 KB 22ms
22ms Image
image/gif 104.111.230.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wlbet9ja.eacdn.com/wlbet9ja/img/397ac7e3-ecfb-4381-a1e3-ee75a85ce706.gif
Requested by: Host: wlbet9ja.eacdn.com
URL: https://wlbet9ja.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd54862dd51cbaaf186e04f40f07b10caa5db43dfbb5a0be73a22830e6b9152b

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
last-modified: Wed, 04 Nov 2020 13:08:14 GMT
server: nginx
etag: "5fa2a7be-9cd3"
content-type: image/gif
cache-control: max-age=0, no-cache
accept-ranges: bytes
content-length: 40147
expires: Thu, 21 Jan 2021 09:18:52 GMT

GET
H/1.1 200
OK Cookie set T.ashx
wlbet9ja.adsrv.eacdn.com/ Frame 1F9E 0
0 84ms
35ms Document
text/plain 91.92.196.190
SKRILL

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.adsrv.eacdn.com/T.ashx?btag=a_151963b_983c_&affid=8724&siteid=151963&adid=983&c=&t=637468175325400000&MediaID=2453&MediaIndex=0&XYZ=120%261%26188%26%26%26%260%260%26%26
Requested by: Host: wlbet9ja.eacdn.com
URL: https://wlbet9ja.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.92.196.190 , United Kingdom, ASN49882 (SKRILL, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host: wlbet9ja.adsrv.eacdn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://9japayforum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://9japayforum.com/

Response headers

Cache-Control: private
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: XYZ=120&1&188&&&&0&1&&e0e8b36d-6873-4140-978d-61ae36d8356e&a_151963b_983&&; expires=Wed, 21-Apr-2021 08:18:52 GMT; path=/; SameSite=None; Secure A_983=a=983&r=0&fv=20210121&lv=20210121091852&vc=1&fc=0&lc=0&cc=0; expires=Wed, 21-Apr-2021 08:18:52 GMT; path=/; SameSite=None; Secure CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
Date: Thu, 21 Jan 2021 09:18:52 GMT
Connection: close
Content-Length: 0

GET
H/1.1 200
OK Cookie set T.ashx
wlbet9ja.adsrv.eacdn.com/ Frame 4898 0
0 104ms
35ms Document
text/plain 91.92.196.190
SKRILL

General

Check archive.org

Show headers Download Go to

Full URL: https://wlbet9ja.adsrv.eacdn.com/T.ashx?btag=a_151963b_1002c_&affid=8724&siteid=151963&adid=1002&c=&t=637468175325420000&MediaID=2522&MediaIndex=0&XYZ=120%261%26188%26%26%26%260%260%26%26
Requested by: Host: wlbet9ja.eacdn.com
URL: https://wlbet9ja.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.92.196.190 , United Kingdom, ASN49882 (SKRILL, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host: wlbet9ja.adsrv.eacdn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://9japayforum.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://9japayforum.com/

Response headers

Cache-Control: private
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: XYZ=120&1&188&&&&0&1&&45ba9da9-1000-4a47-92a2-bcb0b0aacf18&a_151963b_1002&&; expires=Wed, 21-Apr-2021 08:18:52 GMT; path=/; SameSite=None; Secure A_1002=a=1002&r=0&fv=20210121&lv=20210121091852&vc=1&fc=0&lc=0&cc=0; expires=Wed, 21-Apr-2021 08:18:52 GMT; path=/; SameSite=None; Secure CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
Date: Thu, 21 Jan 2021 09:18:52 GMT
Connection: close
Content-Length: 0

GET
H2 200 61c9733f-7b43-45dd-9007-140ff6dffe7e.gif
wlbet9ja.eacdn.com/wlbet9ja/img/ Frame 867A 8 KB
8 KB 27ms
27ms Image
image/gif 104.111.230.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wlbet9ja.eacdn.com/wlbet9ja/img/61c9733f-7b43-45dd-9007-140ff6dffe7e.gif
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2fb2d6418d71d517395a84725df68d98e350b8cd8eb7395a1d72e1d37a497696

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:52 GMT
last-modified: Mon, 07 Dec 2020 16:21:39 GMT
server: nginx
etag: "5fce5693-208b"
content-type: image/gif
cache-control: max-age=0, no-cache
accept-ranges: bytes
content-length: 8331
expires: Thu, 21 Jan 2021 09:18:52 GMT

GET
H/1.1 200
OK /
secure.betwaypartnersafrica.com/imagehandler/33aec472-2d7c-4b40-ae3e-b40928753f12/ Frame 27C6 21 KB
21 KB 415ms
415ms Image
image/gif 193.169.206.226
OTR-A

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.betwaypartnersafrica.com/imagehandler/33aec472-2d7c-4b40-ae3e-b40928753f12/
Requested by: Host: 9japayforum.com
URL: https://9japayforum.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.169.206.226 , United Kingdom, ASN36983 (OTR-A, ZA),
Reverse DNS: secure.betway.partners
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 17980814861d6c724ef09f47d4c4c53ec134f40940061fb4307a32accefb8fd0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 09:18:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Content-Length: 21043
X-UA-Compatible: IE=edge

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 48ms
47ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210113&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afb8f6d1bb6711148c3beb390ccf133006d2fccec42193f51d7c869e84317b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jan 2021 09:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6791
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Thu, 21 Jan 2021 09:18:53 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame D274 0
0 33ms
20ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9japayforum.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://9japayforum.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Thu, 21 Jan 2021 08:54:32 GMT
expires: Fri, 21 Jan 2022 08:54:32 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1461
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
580 B 152ms
151ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210113&jk=1887569462994966&bg=!X1ylXB_NAAWtJAQVrTsAKQB2-DxalTF74zwJrc1Qx0eQWI1x33PNZWZOXojgX4kiMUuUxpTiPLSMAgAAADhSAAAADGgBBwoA82Zk9F6vwxcqenDPOICvLdBFQrs8Xgl7fpcmcsew1PGhlkd6tv0DBZnen5fT6y3bq1e_v1o3Px0hVPLm6Nx5qDuh5sg7hN0AHujw7ebwYwB7T8xGG9Lg4GIb1u6boCDb1ZOxQwSv7p8HyaOUbcnsia_HVDsXD3NjpnG9Q2-wpp-bxyL0b60dhHSO9yWidexUnT_1CXcuJqqCeHfEbn42MRdUpGrmTQUJxDoZD_Hi9Yc0E4rwkXUwpR4OSeam2OOoZpxKBdVaxMBFXmxVRbkw3ygrEcor9uaNYyzlEX5Wyv284zuOCZFZ0ZPwTPTD5qTZtwERR5kB4o8uLdgOUY-EQ1fM1mnXAXt0iHTuRzrpuM6trp6rr0nk0Tm-PLybkCTh43gkNfUT34w8E9JXtSpYIYPu7oGI8nhINXrSgRpCJ-PjtfGGd0K58ZP92h0Df4UjtdqQV8wuJP5hQD7HsVeKVJ3jkwCZdYwAG3VIU8Ju5Rm1_IZGugOOE1HLPIq7sRbI_8kz8aQp8q5Cxd93QvOia2mMU_EMYk0-Ldv6qD-QtwernYzIjzXbomQJf3cxPf3GxKQDdDAMl7xeN66PPdiK5iWDK62g4LDNEmPw5Nff3leMF5wY1jRr2Y-RWdABJJx7l-QRs0xa6_VGx-s_tYp8e6UeKVVgn18sPfy-ybC8S2F5RH3bKxZ0sky2PHp6fok-H9Y6HPfZ3_bfEHVL6i-X2aqOFtNYyLK40fTB4zDCzG8he9e1ECw28KiVCSyxIaDat61dRYjN3xNdMtUObp1NjdjretmUIAKez9NwaJ1gaofvWpSfQwCZd2Ual0VXr4qNKygYop_4f2k4KBs7vSR0XFceX-ifgQAM5bPVQJbqFXCVhs0XqywHsiMa9zdXKFJ43pUpA_SfJA9n-ZE6Lqz4OUeOJq3Z-9MTplAhrRw5r24JkcRaH1HJmCEb-P7UdlkEPqDu7fYlaU57

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9japayforum.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 09:18:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wlbet9ja.adsrv.eacdn.com/	1970-01-19 17:43:13	Name: A_1002 Value: a=1002&r=0&fv=20210121&lv=20210121091852&vc=1&fc=0&lc=0&cc=0
wlbet9ja.adsrv.eacdn.com/	1970-01-19 17:43:13	Name: XYZ Value: 120&1&188&&&&0&1&&45ba9da9-1000-4a47-92a2-bcb0b0aacf18&a_151963b_1002&&
wlbet9ja.adsrv.eacdn.com/	1970-01-19 17:43:13	Name: A_983 Value: a=983&r=0&fv=20210121&lv=20210121091852&vc=1&fc=0&lc=0&cc=0
wlbet9ja.adsrv.eacdn.com/	1978-01-11 21:31:40	Name: CEK Value: a
wlbet9ja.adsrv.eacdn.com/	1970-01-19 17:43:13	Name: A_1001 Value: a=1001&r=0&fv=20210121&lv=20210121091852&vc=1&fc=0&lc=0&cc=0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c.adsco.re/(Line 14) Message:
console-api	log	URL: https://c.adsco.re/(Line 14) Message:
console-api	log	URL: https://9japayforum.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	error	URL: https://9japayforum.com/wp-content/themes/assets-1/js/main.js(Line 38) Message: TypeError: Cannot read property 'remove' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
9japayforum.com
adsco.re
adservice.google.com
adservice.google.de
blockadsnot.com
c.adsco.re
csynztnvxxxy.l.adsco.re
csynztnvxxxy.n.adsco.re
csynztnvxxxy.s.adsco.re
displayvertising.com
fonts.googleapis.com
forkaweso.me
googleads.g.doubleclick.net
media.aso1.net
niaiqhbt63bl.l.adsco.re
niaiqhbt63bl.n.adsco.re
niaiqhbt63bl.s.adsco.re
onmarshtompor.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
secure.betwaypartnersafrica.com
srv.aso1.net
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
track.aso1.net
wlbet9ja.adsrv.eacdn.com
wlbet9ja.eacdn.com
www.blockadsnot.com
www.displayvertising.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
zuphaims.com
104.111.230.138
104.21.234.154
139.45.195.27
139.45.195.94
142.250.74.194
162.0.209.101
162.252.214.5
185.199.110.153
185.200.116.90
185.200.118.90
192.0.76.3
193.169.206.226
2001:4de0:ac19::1:b:1a
208.95.112.254
216.59.56.9
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:802::200a
2a00:1450:4001:815::200e
2a00:1450:4001:818::2008
2a00:1450:4001:81b::2002
2a00:1450:4001:824::2002
2a00:1450:4001:825::2001
2a00:1450:400c:c08::9b
2a02:6ea0:c700::1
2a02:6ea0:c700::3
38.132.109.186
91.92.196.190
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
080da30aa445e67edb9fa3673bf91badd76a12ec0457d3d4d098bf48f62dc7cf
09048375605c2c8021cba2eeec7245ce4edcd4beb6b63a8d17795cfdcfc8491b
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3
17980814861d6c724ef09f47d4c4c53ec134f40940061fb4307a32accefb8fd0
1876f22ddac03b125dd65512fa652f5098300b4976e6a89b7d64428fa8853426
1d51fb29ce57e732bef4c2a92bc0fc74e4081c648c814f214985eae6314c49db
1d9e1e996cf0a776086b017411117923b4f328e5a59a9e7e8ae422734be8f64a
21cd68319342807431fb3e0261bdc3e070158c7e91d9a24b58b372c03cf237c6
24484da7e3b6e24d7f511fb83ace7849eb54ffaba0050b03bb097272478de5a0
26c81daf5459fc378ff520b4bc202e58e5ecdeef94f9e94a54a7be5a54d807f8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d480c2a4d2e60877173c55dbb75e2230e0f9fc369b5aad3a3cd4b29801ea734
2f13932bc8ded5f03ef9230a04bd4d5579b79e3ed3fee39d29d42c214c346add
2fb2d6418d71d517395a84725df68d98e350b8cd8eb7395a1d72e1d37a497696
355825e10957fbfb2dbfdd6da37bf99a808007d665f19ea544040ac5050b85fa
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
3d34fd07448eaf55a792228adf2e63d411a1ab22d21563717d81fce843cc40b4
41cfd6651174bcf108f11c2c7eab5bdab5709461f5a73191366994168b83835f
4b9e91c168b1ee3370c495b1bae8a8d24de4ff8ebc2eb41868986e89350d0428
52416ee5eb58f94aa08f3fcbb9ca1655f8791f6e710be575d2bdd868660c8fb4
57595e352f7fb9741b010ff3632b4911c1232c8cd908f35a122cf1be213d43f6
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5ed767116f129db10ccc72415853371ae40badbc870941b5630081268d42e3d1
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61bef528f51b67951802ce74eedb99dda7b476671a1cacef80c4a8fe0a5633ec
66d26b076d1f85c36e90b135645a87caf852bbc3bd9051d9f71427b8cf96472b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7444d2aaa73be33c9f16f41b46592d3e1d4b60b87ec35981782582f9e1b94862
7772a9cc35fc902c0cccb8871670ec3e45e4695e1bc6941aee1c24db3de8c544
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f484d50f9789c64144eafa192077fdde1968b8010fa826ce74c4c50d17656e7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
914cb6fe13efdf97379c1a2910d677144821201ff3f41b67a5a6ddb367e1a27b
91cb3ee6bfa57aedea2c726431d5db1b9521a4983b752ab253bd1faa50ee96b5
971583f394afc5b1c43dc8c01722e24bf64cd4b940ec52cb37d58ac826cbdaa2
9d3e2c1baf48ca29f834e2527023f81958498faeabbc8a0ae2d0e2474f31cf1f
9eca7f1de5ce81ede32974df10bfc400e32ea011154482384112f94f7664e5a7
a17dbd7c9448b529e758228ce60788a723429fe3e8878823b881d510f4c09ed6
a8a412a4899b6b9dc849c0f13b043c2e9db7351988455f08d879f14487806767
aa05940f23849102869e498221fe5c626fabf0799b2128378cda800b5a412036
afb8f6d1bb6711148c3beb390ccf133006d2fccec42193f51d7c869e84317b45
b4a4bc9bcb9b4687ab0d2439605e8c84fb9bdb3c08813c308a4bc99b8cf3fbec
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bd54862dd51cbaaf186e04f40f07b10caa5db43dfbb5a0be73a22830e6b9152b
c57d4000485990fe74ebbfb71bc5d89dc0b41ce839d48476f188c0e8218150e6
c685db1a28aa02aa1b43f51d4a85e823a140760be641d58559ee796a3739ff2b
c79f45aa72da8267dd5abcffe78bfd8fbc9add544bbccf6db01d5b6f54e1c7d8
ca6d918a31b34a988863101c7d29eb2801012363a1eadc959019e86dcb571d5f
cca19f8f1f44567d478601dc7b90d1a3b56f9fcede31f49b9707acfedea7989c
cf0ef74df0047300619cd59bf24a374946c4bb1127f43ea44017d8327aebb4a7
cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79
d2d9f7b4cdfab62137c57352c9687733f5fa9de2c3ab438fda2cd5b51d3d82f5
dc5b73ad1844c1c4df30f332691248d8fe7ed2b9b8baf8939ec0712070b1aadb
dd0af4bb05041e2e3a18f5a5ea6c65de5b28dc8c0b20af78137263c5f5e38f2a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e249d9018f738d7454578572055023e718d5fb3cd1388db9a985bb8ca938a1ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa168aea8792f95139e4ad98344b89fd16f6a0f2444aac33a33121db774281e
f0acf3c46e97d555ae8528d099af2d8a1b4e80ff7b9a89498c9996fc6c84d1f4
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f568460550838cc1cf8b3f5a4c880ac153048ec4555db6e01d10f15b87a79005
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

9japayforum.com Open in urlscan Pro 162.0.209.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

100 %HTTPS

47 %IPv6

21 Domains

40 Subdomains

30 IPs

8 Countries

1674 kBTransfer

3028 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

9japayforum.com Open in urlscan Pro
162.0.209.101 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

100 %
HTTPS

47 %
IPv6

21
Domains

40
Subdomains

30
IPs

8
Countries

1674 kB
Transfer

3028 kB
Size

5
Cookies

102 HTTP transactions
0 data transactions