urlscan.io logo urlscan.io
SecurityTrails logo

www.myjoyonline.com Open in urlscan Pro
104.196.130.246  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Submission: On January 23 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 9 countries across 59 domains to perform 457 HTTP transactions. The main IP is 104.196.130.246, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.myjoyonline.com. The Cisco Umbrella rank of the primary domain is 242495.
TLS certificate: Issued by R3 on December 14th 2022. Valid for: 3 months.
This is the only time www.myjoyonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 104.196.130.246 396982 (GOOGLE-CL...)
4 2606:4700:e2:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:21c... 16509 (AMAZON-02)
2 18.66.122.52 16509 (AMAZON-02)
6 23.203.125.62 16625 (AKAMAI-AS)
3 54.192.85.4 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 52.222.139.127 16509 (AMAZON-02)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
4 35.190.38.143 15169 (GOOGLE)
1 34.232.231.107 14618 (AMAZON-AES)
1 23.203.125.156 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:21c... 16509 (AMAZON-02)
6 13.32.99.41 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
1 162.19.138.118 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
4 70.42.32.159 13789 (INTERNAP-...)
2 146.75.118.132 54113 (FASTLY)
1 99.86.3.236 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
5 18.66.14.48 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 162.19.138.82 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
4 65.9.66.8 16509 (AMAZON-02)
1 108.138.17.10 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 52.222.139.7 16509 (AMAZON-02)
1 2600:9000:230... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 2a02:2638::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 52.222.139.93 16509 (AMAZON-02)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
100 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
2 35.190.39.111 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 176.34.217.189 16509 (AMAZON-02)
1 2a02:2638:1::1a 44788 (ASN-CRITE...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
1 85.14.248.72 24961 (MYLOC-AS ...)
3 2a02:2638:1::8 44788 (ASN-CRITE...)
1 2a02:2638::21 44788 (ASN-CRITE...)
1 34.98.64.218 396982 (GOOGLE-CL...)
5 10 142.250.180.198 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
6 22 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
49 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.130.49 54113 (FASTLY)
19 142.250.185.130 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 1 51.89.9.254 16276 (OVH)
3 3 213.19.147.44 3356 (LEVEL3)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
6 6 3.67.59.246 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
1 1 52.30.8.210 16509 (AMAZON-02)
2 2 63.33.255.124 16509 (AMAZON-02)
1 1 104.111.216.21 16625 (AKAMAI-AS)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 3.126.58.16 16509 (AMAZON-02)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 35.71.131.137 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 3.74.180.196 16509 (AMAZON-02)
2 2 213.155.156.167 1299 (TWELVE99 ...)
457 74
12    104.196.130.246 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.130.196.104.bc.googleusercontent.com
www.myjoyonline.com
4    2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
5    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:400d:808::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
29    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2600:9000:21c7:2800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    18.66.122.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-52.fra60.r.cloudfront.net
tags.remixd.com
6    23.203.125.62 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-62.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
3    54.192.85.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-85-4.ams50.r.cloudfront.net
c.amazon-adsystem.com
9    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.222.139.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-127.ams50.r.cloudfront.net
w.soundcloud.com
7    2606:4700:10::6816:3ca8 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.vuukle.com
api.vuukle.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
4    35.190.38.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com
pubcast-files.remixd.com
player-files.remixd.com
1    34.232.231.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-231-107.compute-1.amazonaws.com
ping.chartbeat.net
1    23.203.125.156 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-156.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
2    2606:4700:10::ac43:1695 (United States)

ASN13335 (CLOUDFLARENET, US)
vuukle.com
publish.vuukle.com
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:21c7:1000:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
rock.defybrick.com
6    13.32.99.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-41.fra60.r.cloudfront.net
widget.sndcdn.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:214f:6e00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
2    2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
flint.defybrick.com
1    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
4    70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
2    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
1    99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
12    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
5    18.66.14.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-14-48.vie50.r.cloudfront.net
api-widget.soundcloud.com
2    2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
2    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
6    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
9    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
4    65.9.66.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-8.fra56.r.cloudfront.net
i1.sndcdn.com
1    108.138.17.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-10.fra56.r.cloudfront.net
wave.sndcdn.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    52.222.139.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-7.ams50.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2304:e000:a:e047:752:5701 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
12    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    52.222.139.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-93.ams50.r.cloudfront.net
cf-hls-media.sndcdn.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
100    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
20    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
partner.googleadservices.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    176.34.217.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-217-189.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    85.14.248.72 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
3    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
1    2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
10    142.250.180.198 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f6.1e100.net
ad.doubleclick.net
10    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
22    2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
29    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
49    2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
19    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
3    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
6    3.67.59.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-59-246.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    52.30.8.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-8-210.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    63.33.255.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-255-124.eu-west-1.compute.amazonaws.com
match.360yield.com
1    104.111.216.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-21.deploy.static.akamaitechnologies.com
cs.media.net
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    3.126.58.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-58-16.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    3.74.180.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-180-196.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
2    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com
d5p.de17a.com
Apex Domain
Subdomains		 Transfer
158 googlesyndication.com
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 156
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 Failed
2 MB
83 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
ad.doubleclick.net — Cisco Umbrella Rank: 192
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 216
520 KB
40 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1939
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
55 KB
17 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
807 KB
16 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
pix.eu.criteo.net — Cisco Umbrella Rank: 7928
csm.eu.criteo.net — Cisco Umbrella Rank: 7994
108 KB
14 sndcdn.com
widget.sndcdn.com — Cisco Umbrella Rank: 35476
i1.sndcdn.com — Cisco Umbrella Rank: 10198
wave.sndcdn.com — Cisco Umbrella Rank: 17960
cf-hls-media.sndcdn.com — Cisco Umbrella Rank: 20242
578 KB
12 myjoyonline.com
www.myjoyonline.com — Cisco Umbrella Rank: 242495
269 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 387
218 KB
10 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1273
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3118
odb.outbrain.com — Cisco Umbrella Rank: 1473
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5618
mv.outbrain.com — Cisco Umbrella Rank: 2746
124 KB
9 vuukle.com
cdn.vuukle.com — Cisco Umbrella Rank: 16282
vuukle.com — Cisco Umbrella Rank: 5652
api.vuukle.com — Cisco Umbrella Rank: 29823
publish.vuukle.com — Cisco Umbrella Rank: 19325
281 KB
9 gstatic.com
fonts.gstatic.com
164 KB
7 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14074
ads.eu.criteo.com — Cisco Umbrella Rank: 7924
bidder.criteo.com — Cisco Umbrella Rank: 698
gum.criteo.com — Cisco Umbrella Rank: 385
mug.criteo.com — Cisco Umbrella Rank: 2848
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9895
56 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 276
3 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
259 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 8470
1 KB
6 soundcloud.com
w.soundcloud.com — Cisco Umbrella Rank: 16551
api-widget.soundcloud.com — Cisco Umbrella Rank: 32019
8 KB
6 remixd.com
tags.remixd.com — Cisco Umbrella Rank: 19049
pubcast-files.remixd.com — Cisco Umbrella Rank: 19847
player-files.remixd.com — Cisco Umbrella Rank: 20789
49 KB
5 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2439
www.google-analytics.com — Cisco Umbrella Rank: 22
21 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
4 KB
4 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2596
google-bidout-d.openx.net — Cisco Umbrella Rank: 2546
rtb.openx.net — Cisco Umbrella Rank: 1592
1 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 938
id5-sync.com — Cisco Umbrella Rank: 393
35 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 293
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492
49 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 846
178 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 813
922 B
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 10023
flint.defybrick.com — Cisco Umbrella Rank: 9627
20 KB
3 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 8964
log.outbrainimg.com — Cisco Umbrella Rank: 2382
1 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1447
mab.chartbeat.com — Cisco Umbrella Rank: 2199
25 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4845
653 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3807
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 689
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2206
796 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 521
2 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 702
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 728
s.tribalfusion.com — Cisco Umbrella Rank: 1773
1 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 6206
379 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1039
bcp.crwdcntrl.net — Cisco Umbrella Rank: 904
10 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1365
93 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1057
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1305
640 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
119 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442
587 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 301
265 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 788
714 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 636
464 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1323
1 KB
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 625
470 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2725
104 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 954
577 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
338 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 306
464 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 31333
610 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 554
546 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 10884
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2762
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 357
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2788
2 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 5447
2 KB
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3255
634 B
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2561
42 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1202
201 B
457 59
Domain Requested by
100 tpc.googlesyndication.com bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
www.myjoyonline.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
49 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
www.myjoyonline.com
googleads.g.doubleclick.net
29 securepubads.g.doubleclick.net www.myjoyonline.com
cdn.vuukle.com
securepubads.g.doubleclick.net
www.googletagservices.com
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
25 googleads.g.doubleclick.net bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
22 www.google.com 6 redirects www.myjoyonline.com
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
19 cm.g.doubleclick.net www.myjoyonline.com
googleads.g.doubleclick.net
17 www.googletagservices.com bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
12 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
static.criteo.net
12 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
www.myjoyonline.com
12 www.myjoyonline.com www.myjoyonline.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 ad.doubleclick.net 5 redirects bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
9 bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
9 fonts.gstatic.com fonts.googleapis.com
6 x.bidswitch.net 6 redirects
6 s0.2mdn.net tpc.googlesyndication.com
6 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 widget.sndcdn.com w.soundcloud.com
widget.sndcdn.com
www.myjoyonline.com
6 cdn.vuukle.com www.myjoyonline.com
cdn.vuukle.com
5 api-widget.soundcloud.com widget.sndcdn.com
5 widgets.outbrain.com www.myjoyonline.com
widgets.outbrain.com
5 fonts.googleapis.com www.myjoyonline.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 i1.sndcdn.com www.myjoyonline.com
widget.sndcdn.com
4 use.fontawesome.com www.myjoyonline.com
use.fontawesome.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 pix.eu.criteo.net ads.eu.criteo.com
3 cf-hls-media.sndcdn.com widget.sndcdn.com
3 player-files.remixd.com www.myjoyonline.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.myjoyonline.com
3 c.amazon-adsystem.com www.myjoyonline.com
c.amazon-adsystem.com
2 d5p.de17a.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 pm.w55c.net 2 redirects
2 match.360yield.com 2 redirects
2 sync.1rx.io 2 redirects
2 image6.pubmatic.com 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects www.myjoyonline.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 mcdp-nydc1.outbrain.com widgets.outbrain.com
2 id5-sync.com cdn.id5-sync.com
2 cdn.confiant-integrations.net cdn.vuukle.com
cdn.confiant-integrations.net
2 log.outbrainimg.com widgets.outbrain.com
2 flint.defybrick.com rock.defybrick.com
www.myjoyonline.com
2 region1.google-analytics.com www.googletagmanager.com
2 cdn.id5-sync.com www.myjoyonline.com
securepubads.g.doubleclick.net
2 tags.remixd.com www.myjoyonline.com
tags.remixd.com
2 static.chartbeat.com www.myjoyonline.com
2 www.googletagmanager.com www.myjoyonline.com
1 dsp.adfarm1.adition.com 1 redirects
1 match.adsrvr.org googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 cs.media.net 1 redirects
1 ads.yieldmo.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 onetag-sys.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com www.myjoyonline.com
1 a.tribalfusion.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 csm.eu.criteo.net ads.eu.criteo.com
1 m.exactag.com ads.eu.criteo.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 mug.criteo.com www.myjoyonline.com
1 bidder.criteo.com static.criteo.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 ads.eu.criteo.com bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com www.myjoyonline.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 wave.sndcdn.com widget.sndcdn.com
1 mv.outbrain.com widgets.outbrain.com
1 id.a-mx.com cdn.vuukle.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 odb.outbrain.com widgets.outbrain.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.jwplayer.com tags.remixd.com
1 publish.vuukle.com cdn.vuukle.com
1 rock.defybrick.com widgets.outbrain.com
1 api.vuukle.com cdn.vuukle.com
1 vuukle.com cdn.vuukle.com
1 widget-pixels.outbrain.com www.myjoyonline.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 ping.chartbeat.net www.myjoyonline.com
1 pubcast-files.remixd.com tags.remixd.com
1 mab.chartbeat.com static.chartbeat.com
1 w.soundcloud.com www.myjoyonline.com
457 97
Subject Issuer Validity Valid
myjoyonline.com
R3		 2022-12-14 -
2023-03-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.remixd.com
Amazon		 2022-03-11 -
2023-04-09		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.soundcloud.com
GlobalSign GCC R3 DV TLS CA 2020		 2022-01-18 -
2023-02-19		 a year crt.sh
pubcast-files.remixd.com
GTS CA 1D4		 2022-12-01 -
2023-03-01		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
rock.defybrick.com
Amazon		 2022-05-09 -
2023-06-07		 a year crt.sh
*.sndcdn.com
GlobalSign GCC R3 DV TLS CA 2020		 2022-01-17 -
2023-02-18		 a year crt.sh
jwplayer.com
Amazon		 2022-11-27 -
2023-12-25		 a year crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA		 2023-01-16 -
2023-04-16		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
player-files.remixd.com
GTS CA 1D4		 2022-12-10 -
2023-03-10		 3 months crt.sh
*.confiant-integrations.net
E1		 2022-11-24 -
2023-02-22		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2022-12-30 -
2023-03-30		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
cdn.prod.uidapi.com
R3		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-12-02 -
2023-03-02		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-07 -
2023-03-12		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-22 -
2023-03-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-01-21 -
2023-04-21		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-24		 3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-19 -
2023-09-15		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-17		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 61 frames:

Primary Page: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Frame ID: 40FA7B82B4D73F1259E230951F3037CC
Requests: 112 HTTP requests in this frame

Frame: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1428807427&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Frame ID: BC9F45EAA5EBCCE57BB35310C50B5437
Requests: 21 HTTP requests in this frame

Frame: https://cdn.vuukle.com/widgets/sharebar.html?version=2.17.9
Frame ID: 7A46801DA0060818DFBF2CBC68DEBDF4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Frame ID: 341A79A13488CE8FB583FB0523AB8D2A
Requests: 7 HTTP requests in this frame

Frame: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8D7B924D326F8DA72F232853AADEED66
Requests: 1 HTTP requests in this frame

Frame: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 626A3277A7F6EE632D0B836F7A19386F
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Frame ID: 54064F8C58FEE3492A3E3D35ED0894DE
Requests: 18 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.myjoyonline.com
Frame ID: DC1B781404EF214CD43FE6A377D5798E
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 054148E7C39E573151FC90051356A4C2
Requests: 1 HTTP requests in this frame

Frame: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A6761B55FFC176151116AD9A6BDE2C60
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html
Frame ID: D2A3F9F011C9F060F61DC0597B2C5301
Requests: 23 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Frame ID: 3B6B2F4A072DE76EEC160E9EA6AAF304
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 578B2BB8B6701B6A5626C0E267C49489
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmw-maChbmzNJZ_rKKXn7JlMOJmiaybz_nJeuK94IOWk-qhLUZJfM6mM_TeccSFr_EmHOWG9uVEaptAiSU3KoE7HIe8qd_Hvefaw97WFJTE_uHkaASnfqi0wzPjya2OljfhTNpIzrvJD6jZcNnZ--vQJ5X-PyTSKvUNRLr-ExBkavfBl_vJt-cPknqejfkQ3GZXOUmyiL-Rk0S1VqZT2lgnKZ6VZRukf74BnqBcQQFRofZH-Oj447Crc96T-pWPhkizBRXo_LVTFG19SPo_4exxaA38ygV-81zSj4jljTMcGFfxSJSCxm4jXbEZlwyjV0lUup5Q1C6WznqpfxArt-87GA7XoyXPcIs0w0F51s&sai=AMfl-YRBtqky5-G_DVJjq3j_mhMPuvkXj8J9PkI0qtX0Eyz0cl5PDiGhI3-HfRmItvDMUJ-dcreRTIs3jJn2q84k33Y5fqPzU8PFHGO7msirjzsjLTaQZ49nmI5nR-MX317J&sig=Cg0ArKJSzELf6A8sd5QeEAE&uach_m=[UACH]&adurl=
Frame ID: 6959041ED48B1B3EA75FD85F917A5FC7
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssA-jM8GdePjx1I2WS2yxymdpFYuXPqBIK9DKA9b7_xkGgEbxlI1q2CVfEa5AmlvsziBgEi0wN2XRwR85PSg6aH_YUHEnmnQB4lObIUdbNtTgAIEWIWXPScq27XWankE310-s_mRAnZVGzqmNxyq_IoWfXuKo7QoFUv7pA2D-qfCcw_nyEZrP5HhL3yePKIScmrsSR3AQzWy_yrNb5Htj2qqrjrKIsvmEjqaRwo2lVBuL1tLVFIA3hFctl1mkDrROkyYTCwpQ4STgWTnQrNKw9qyI0RHcROUstvv2GyFQQPJxHs92zf7lnm1ElD-uhjxpnFdNuTreA7ZNP7mYYTgsUhk2t-o-I2W8G9apCfm1M0EmD0&sai=AMfl-YS07M0D_ryqRfzxZYFyFRfrbf_vAqV85Tdwopg5zmlnSTeozriM-6uTJEkXYd3gUi-am4edUns36fOFszg62O7hq355myyNiu1WGvrGGpAv2Ls8OiaDBJf8eoAOZbZp&sig=Cg0ArKJSzDj2jDHeOkPrEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2B6842A296053D7F6D893E1AB7DF57E3
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7SOocv_gAG-s0rca3xEothVu7LTzyPNaa3nOP63DzWeartQRHSSTYDE2fm_24d6-SrclnmCWLR-M6ackFcdt4vUutsLp9T4CedkgUBZMTfF1-Qa-85XNHRWZz1WMn1ioqTGWfLGqm6HFh4ZKho1AeVdgbF6h22z-H4UR0FTLQIk92NtAGNYVLutmClp_lLD2vUlam2cPtRzTmBP-ikNvwbq4OydcvjucWT5HQVejK4tLSxiXq-0ltF86pr4Sa7ulBiXFrt0PbE7XhUAATq7iuDUoAJEUDIt7GStG0vOJxq_P4F6syxAt3d-1IBEG_O3_lcxCVkCHkwopNB--naAI0mi6mn3VjMY7myLRuSivCSwhD&sai=AMfl-YTGfiM5c7saLxLw9o2vIMwPE6_2bP08vVOWemf-v9CvSVyhlMEdP7Iy5bYTOINhFxV-A-0DFFrm8ui6ew0yJCO4SQLIPV6FEG_F7c16Q-fDtLKtbivUJLh4k5aFiKo3&sig=Cg0ArKJSzENchKEzf4T_EAE&uach_m=[UACH]&adurl=
Frame ID: 95CE24CF0DDF120196839D3F1067BB64
Requests: 9 HTTP requests in this frame

Frame: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F4794FDFCD67EFFE3B11D97CBF3E3696
Requests: 9 HTTP requests in this frame

Frame: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 29E8552E76127F757D0DB5DB5B406F80
Requests: 9 HTTP requests in this frame

Frame: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4410E38B041CB270D5442EBBDF4D65CB
Requests: 9 HTTP requests in this frame

Frame: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 892060579856373FBB1870ADEE3AFB08
Requests: 9 HTTP requests in this frame

Frame: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A5515E930CAFE8155E83DBCF62EFA796
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Frame ID: 1F19F6DDF0E3DD064C46745BE5FC8344
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk_eW--x-KHZ75RkQwIsFhJ1W3pxHEBFo-qafqfmxnnAut4R0XdJjDTuL-GHtWmJ8RmGe0aXUw2Dr3s9YrqAwL4Geo4XXttICZQ09KOu2tpMkGHTnwojFNjEhIyCutOKgIF0altgm35Mq9_RxDxZsOWYfDt9ok9exrTTBfLg0EGjCAZHXm8iTgn8cCAuLpadFf7IPaMp4eEm1ehHyW75uy_C5gtdAyHQ3-QAhf6CzNt0564aEmpo36r3xT4IpFMS68whVz1uNNrJOYNEHF2uHm7LMSJT0qyW2kmVECqzAGdebOwyJPOfZpKREhSyYTf_N8ML5A3vOJNYh7jrkuo82Sh4gFSkFNi_U50E9DtZ5dzta7&sai=AMfl-YQpVaOWZ7ZAWprcg6Ge3ooiiei7Doe1cid8HTXFXsu5Nd2KHVy8XBtgEJulmt_6bSsTCzt0HCG2d82EfUzRO7fITPB9oCzBiGJFHnFWDtSCjYscJ-qB9Ze_vN23v5SZ&sig=Cg0ArKJSzDwFvnygnLd3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8F7EB55D36882DA224D70A87763BF72D
Requests: 13 HTTP requests in this frame

Frame: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2F491D652250E11EA7E35DE3FB45A385
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFCVGdWmpBbyx4jqBTGva2d0QBXE7QLqUmoPpK6BDzQNpTH4ay02PsoOuDRgKHrrSWMXtcIJ0czWo4gQPfjVJPv0KNJsLBdPn4dkkUnXT9t0RT-LCowBr-NYSWlSEZ1u4A2TtMV2pVPm7PJ_3H2r-zCUN_N7rCBRYVRQvPGp5srCMRKtvBJmFz5IvcnU18TdVPg56wRBp9Boyare9zBeVMcKDj8FOR8B3ki1vgqyUJZv7VsguP-61PP6nYQA7JVDQe5MimGFnJ2Oc9OPSDzE6mQ-2lt5euIMut3B8NVB_A1WxTBkki5C1Tq-Gya6RStYWrtkA9yv-4xAKhKMlTDVilfRRZFID8CHhoJ9qZn9xo-yAxSg&sai=AMfl-YS7UQCgsesClY9l2k5szoeAhdXwDYWV1XS3kru88mbLqAdo8K-hmXvvO0NwHfzaUrgJX_ioI2xYp_EizguoBloN6b_VTFMthDR4OMgn8annmTUuDN3vdp-4cGm-6kDT&sig=Cg0ArKJSzOqDa7E1vhGNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D0AA4412F9CD8CC122D5D0DAEDFDBBD7
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/zrt_lookup.html
Frame ID: BBFA36C274132CF54F94F8626D8647EC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html
Frame ID: 4217503F7072D9217A0EC32E941A1C4A
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Frame ID: E4C481D9D0D7812602371979F735918F
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Frame ID: EC53A53926FC02872C4EA2927A5D44B4
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html
Frame ID: 9AAB60BB583347DE9E355CB35C00335D
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/index.html
Frame ID: CE72352FF4C6CE0E2778390C99B7C9E2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4E0A088B5BF3B1F4B6A877B67D1E6387
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 39F1AD311BE5AFAC48EA908D02D2187F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A021A66741D4868A77B3AE4A7757164D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 32DC2CEC46F98FEAA16DA4834FE9306A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DA3B7A161A68FFB8EBFB93162A7217EB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751417948&lmt=1674473779&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=5&bdt=1117&idt=557&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&nras=1&correlator=3625127086750&frm=23&ife=4&pv=2&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.n8ngm5nucivn&btvi=1&fsb=1&dtd=735
Frame ID: C2866E5A5EDCCD4AB2438D22BB17A528
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Frame ID: F7137EB6F13331DA5A81140BFD59DBDC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751418289&lmt=1674473779&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1194&idt=453&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.jyt7k7nra854&btvi=1&fsb=1&dtd=685
Frame ID: C95C73632FD604416729AEBC57A34442
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Frame ID: 888E97FA030ED44088E650C5C63FCE86
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751418303&lmt=1674473779&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=4&bdt=1223&idt=498&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.a8fofeu5lbif&btvi=1&fsb=1&dtd=724
Frame ID: 75D52DCA7C1835EDCBBA59BC538C0257
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
Frame ID: 7D03920AD6AAC2F475CAD4F0B805AD84
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: CCE64DFDE1C41BB3473F2000ECD06953
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 02CDF9F8B2A53C98F9417D18063E2D99
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF43D77AACD13715694D7554C4C4F402
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 426A606BF2DDADA2B029ABE12BD69FDF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6B7EF8813B1AE9A0F968571AD4208920
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751418288&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=3&bdt=694&idt=997&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&nras=1&correlator=1879458723352&frm=24&ife=3&pv=2&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.b3oi87f9cnd2&fsb=1&dtd=1359
Frame ID: 62A8CFBE091967D984CC4DB596532691
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Frame ID: 271A73DBE5F2DF3BD5B3444B89782157
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 65BDFFBCDA834CC7AC0F928FA9BAF6B0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2DE9CCCFBDF75501B74412AD2AAC17C1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EE9E8E85E9664BB78F18FEEAAF1D0667
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E21F041CAFDA6C3B8C340165CDC57C77
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 0A27ED5EBB7438F64D44B75659271F35
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: BC356388559ED7D3D6EDA894636568BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C47027BDCA2FC216E655A4B25F51D7F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3ACFACDEBDC0BEC2592247BD3DB5D60C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0206D9FC77EC8B325093EDE89B4C07CC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 51581D8E1C6B6BA20E0977112351B6BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 47102BB151CAFF94553015434EF6C3E2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E73212991B4A8C5B10839EC0AD6890CE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BoG directs banks to unilaterally roll over COCOBOD investors' bonds - MyJoyOnline.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

457
Requests

95 %
HTTPS

47 %
IPv6

59
Domains

97
Subdomains

74
IPs

9
Countries

6542 kB
Transfer

17834 kB
Size

46
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&rid=esp&cc=1
Request Chain 130
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=myjoyonline.com&sn=ChromeSyncframe&so=0&topUrl=www.myjoyonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=i6aIJHw1S08rMjUvbEpEUHJiYmI4THlaVzQxUkY1bnBmLzdSNGZmdUdVSzl1V25EOVNNR1FKd0VQZFRpU3pxY0g0b2luVnhTL1BZbk51SFExOEtxU3UyWFZCbjR2VnNLYTFJZHJ3d3YydkpjNytXN3dmUzJZZzFpT1A3NjZIeVY0Mmx1cUxTcVhaYzJqSjJnc01LaU1PbUtjV3o5eEhLd2twMG9qR01zL0tGUGJIbEhQeWcxZVQzRVlSYTh1eCtoVUgxUmlXclpDaXc3NG42MnBkK0RtS00rTC82KzZKSTdsL0NwQkZOem1nMjRkMUtVWnA4ZWJlQm45N3pnYmw3bEFMcWVzMk5GUFNwdE1RSEFpK0NSOCtnckFBdz09fA&cppv=2
Request Chain 160
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=2266023277;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CObdpfXM3fwCFTWC_QcdR30MNQ;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=2266023277;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 189
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 269
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=3043958084;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_pre=COPGiPbM3fwCFVmHgwcdlOEIbg;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=3043958084;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 273
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_trk_aid=546292235;dc_trk_cid=184115228;ord=3469949712;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_pre=COqxivbM3fwCFWiTdwodsbsN2g;dc_trk_aid=546292235;dc_trk_cid=184115228;ord=3469949712;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 277
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=3847260251;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CI3Bi_bM3fwCFWP2EQgdkfAAJA;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=3847260251;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 281
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=1507072778;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_pre=CPuCjvbM3fwCFRXVdwodnaoGLQ;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=1507072778;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 361
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 363
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 366
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 367
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 380
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 505
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIG8RdaoHdMBsK8GsR1KAjk&google_cver=1&google_push=AavPq0MzhwJ7FU6V2KuWcLj_a0amRYMNdzjfcwsbOhRhD0A4ONgGjO8wBM9QNs8ykuwaV5o1L4Tj9lN5fOPQIz2xNf42L22HZ5trvlc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0MzhwJ7FU6V2KuWcLj_a0amRYMNdzjfcwsbOhRhD0A4ONgGjO8wBM9QNs8ykuwaV5o1L4Tj9lN5fOPQIz2xNf42L22HZ5trvlc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIG8RdaoHdMBsK8GsR1KAjk&google_cver=1&google_push=AavPq0MzhwJ7FU6V2KuWcLj_a0amRYMNdzjfcwsbOhRhD0A4ONgGjO8wBM9QNs8ykuwaV5o1L4Tj9lN5fOPQIz2xNf42L22HZ5trvlc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0MzhwJ7FU6V2KuWcLj_a0amRYMNdzjfcwsbOhRhD0A4ONgGjO8wBM9QNs8ykuwaV5o1L4Tj9lN5fOPQIz2xNf42L22HZ5trvlc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 506
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAydD6PQWST-s-0maO35u3U&google_cver=1&google_push=AavPq0ODbHSkVrYr7Tb5-1zZtLE3Y-6aG6mT8QCwrAlCySJsgQy7SVZJdTpUWvBMQzRS4yXRyJig1OHeHICpuWjDjE04XuGhakSChKk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAydD6PQWST-s-0maO35u3U&google_push=AavPq0ODbHSkVrYr7Tb5-1zZtLE3Y-6aG6mT8QCwrAlCySJsgQy7SVZJdTpUWvBMQzRS4yXRyJig1OHeHICpuWjDjE04XuGhakSChKk
Request Chain 507
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENBL2IsQpqHNdpPvxu0AMpE&google_cver=1&google_push=AavPq0OyH_ksjBNq87pJMXfXsvi93Cj_RldW7gjQkr6ihHX3oL9k3U1w6KPdClsU60UCl2W0olKllqDGh6nXf2pw8ZLURL_01iQO6ao HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OyH_ksjBNq87pJMXfXsvi93Cj_RldW7gjQkr6ihHX3oL9k3U1w6KPdClsU60UCl2W0olKllqDGh6nXf2pw8ZLURL_01iQO6ao&google_hm=7bz_eGXPRR6PmlC72vrroaU
Request Chain 508
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDEGyH6JNFK07mkXkJZAbCo&google_cver=1&google_push=AavPq0N_45-mnNA67_pUWVAixzjExCwZcYYLALxXrluQRUSniH5sLDe0MqN0qybnitfyhriW7D-ALCAf3ySDx_qHpQN34eNwNtuPCdQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDEGyH6JNFK07mkXkJZAbCo&google_cver=1&google_push=AavPq0N_45-mnNA67_pUWVAixzjExCwZcYYLALxXrluQRUSniH5sLDe0MqN0qybnitfyhriW7D-ALCAf3ySDx_qHpQN34eNwNtuPCdQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MxdQLmyZTZOx6NwzeTKdHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0N_45-mnNA67_pUWVAixzjExCwZcYYLALxXrluQRUSniH5sLDe0MqN0qybnitfyhriW7D-ALCAf3ySDx_qHpQN34eNwNtuPCdQ
Request Chain 509
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBubmweoldLRh2vFkcYrRKY&google_cver=1&google_push=AavPq0NuiaOVVGU7yak5o6wlPWAECH4O4KDx9RI-Etxf3y8FoGofM794ordJOcCKvMuYpQaSUgVIKanaKL5NMYVFZN6gkA9MUvtu5og HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4UUdFRzgtMjUtMTE4Qg==&google_push=AavPq0NuiaOVVGU7yak5o6wlPWAECH4O4KDx9RI-Etxf3y8FoGofM794ordJOcCKvMuYpQaSUgVIKanaKL5NMYVFZN6gkA9MUvtu5og
Request Chain 510
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECx4Mr3l9jwgmXzB7hwu-JI&google_cver=1&google_push=AavPq0MHljkCmFfr4BhdAZcFqyvRvWqej4S2nFT9H5Si2ZZ5HGFxjZEHB42RgtCQy3FLkHppxwj1NxWKn5FZHcrRSyFKZ3t6J_VOgQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MHljkCmFfr4BhdAZcFqyvRvWqej4S2nFT9H5Si2ZZ5HGFxjZEHB42RgtCQy3FLkHppxwj1NxWKn5FZHcrRSyFKZ3t6J_VOgQ
Request Chain 511
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGtpN4787VfaFUcksFy9fV0&google_cver=1&google_push=AavPq0MIfN9moQeak4CsXbdusBu8bHaJKm0IvqFX2hTjE82rkG6VxlEU50NF7YnYNVzJaG_ph_3UCdS-omwXTpoArJlamByATb1JwvE HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0MIfN9moQeak4CsXbdusBu8bHaJKm0IvqFX2hTjE82rkG6VxlEU50NF7YnYNVzJaG_ph_3UCdS-omwXTpoArJlamByATb1JwvE&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1674473781049 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b48242d7-792d-4dd5-8680-7cbc73c32152-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MIfN9moQeak4CsXbdusBu8bHaJKm0IvqFX2hTjE82rkG6VxlEU50NF7YnYNVzJaG_ph_3UCdS-omwXTpoArJlamByATb1JwvE%26google_hm%3DA7SCQtd5LU3VhoB8vHPDIVI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MIfN9moQeak4CsXbdusBu8bHaJKm0IvqFX2hTjE82rkG6VxlEU50NF7YnYNVzJaG_ph_3UCdS-omwXTpoArJlamByATb1JwvE&google_hm=A7SCQtd5LU3VhoB8vHPDIVI
Request Chain 514
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOWFjiDtcx2ME4QvUrQeOfc&google_cver=1&google_push=AavPq0OhKWxqMPwLIWthecsTjqKNxgBsp9jFMLxDzyZ3YtleNH45ldEK59YXlNEtLZ-iFoE8mz3OopsW0Epd8hxh16hw621J53QrRkg HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOWFjiDtcx2ME4QvUrQeOfc&google_cver=1&google_push=AavPq0OhKWxqMPwLIWthecsTjqKNxgBsp9jFMLxDzyZ3YtleNH45ldEK59YXlNEtLZ-iFoE8mz3OopsW0Epd8hxh16hw621J53QrRkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OhKWxqMPwLIWthecsTjqKNxgBsp9jFMLxDzyZ3YtleNH45ldEK59YXlNEtLZ-iFoE8mz3OopsW0Epd8hxh16hw621J53QrRkg&google_hm=R-PlVrnBSNOY0IzLVoxeng==
Request Chain 516
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEC3c89GY0regDw4gMFrgqNI&google_cver=1&google_push=AavPq0PAmuj9EvbTxiYBe3frtrf-ryDTmSX_7aatD4NaPhAzQipwO_3kKAa4Ld1y0KVC9DPOaPeFKeskDf8vJbDtXj9bTkwY29VC03o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0PAmuj9EvbTxiYBe3frtrf-ryDTmSX_7aatD4NaPhAzQipwO_3kKAa4Ld1y0KVC9DPOaPeFKeskDf8vJbDtXj9bTkwY29VC03o&google_hm=ZzU4MDAxOWQ5NGMzZWY4YjE5MzQ=
Request Chain 517
  • https://match.360yield.com/match/ebda?google_gid=CAESEBUU326is6nbCrZWhOA92aw&google_cver=1&google_push=AavPq0OGzPdUhmI2pL80ROxnlhul_0rjZKF9_JHjyOI1F-v6aIgNxZjgexb1vSV6O0FayZ5XbfCwXxqMR6dIEXfW63uJHfvg3Sfh-yc HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBUU326is6nbCrZWhOA92aw&google_cver=1&google_push=AavPq0OGzPdUhmI2pL80ROxnlhul_0rjZKF9_JHjyOI1F-v6aIgNxZjgexb1vSV6O0FayZ5XbfCwXxqMR6dIEXfW63uJHfvg3Sfh-yc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PJODCgPnRAKezw9V-WKUTQ&google_push=AavPq0OGzPdUhmI2pL80ROxnlhul_0rjZKF9_JHjyOI1F-v6aIgNxZjgexb1vSV6O0FayZ5XbfCwXxqMR6dIEXfW63uJHfvg3Sfh-yc
Request Chain 518
  • https://cs.media.net/cksync?type=g&google_gid=CAESEJO8EtTEWSeNXU-LblHLbuU&google_cver=1&google_push=AavPq0MzvvcEfy4dmo0qJBHu_qAXgVmJN5SBkvVqEJmwFUqh0nw8LVdnZAJiCImMBfo8ET-kkbSGMQNYtcvAq8lZIyWwqfhNzRv9znI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE3NDc1MzgxODM5NzM3MDAwMFYxMA%3d%3d&mn_hm=MzE3NDc1MzgxODM5NzM3MDAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0MzvvcEfy4dmo0qJBHu_qAXgVmJN5SBkvVqEJmwFUqh0nw8LVdnZAJiCImMBfo8ET-kkbSGMQNYtcvAq8lZIyWwqfhNzRv9znI&gdpr=&gdpr_consent=
Request Chain 519
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBGijt2GdDPj7MKj_tuBMqc&google_cver=1&google_push=AavPq0PjZIdwrwewil17glRSyFnyk6SkLJ39-ZhdPhKbE8RROgGgv7IOCeSusgr7Mwu9Zkrw2BJhg3NvfYDflaXVcVB9KD6Ant03Aow HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBGijt2GdDPj7MKj_tuBMqc&google_cver=1&google_push=AavPq0PjZIdwrwewil17glRSyFnyk6SkLJ39-ZhdPhKbE8RROgGgv7IOCeSusgr7Mwu9Zkrw2BJhg3NvfYDflaXVcVB9KD6Ant03Aow HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=47e3e556-b9c1-48d3-98d0-8ccb568c5e9e&%%GOOGLE_PUSH_PAIR%%
Request Chain 551
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG_ZnjmfLhZiz9Jh6s6d9xE&google_cver=1&google_push=AavPq0MjvQ428sGjt2gEsZrfyEAPg_TCUU7Y5qIzPcopwUMU_sdVesWmNv1TXR_26AwLfks2AMQ3HicsCfQEHF202olyVoiBxG4iygE HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG_ZnjmfLhZiz9Jh6s6d9xE&google_cver=1&google_push=AavPq0MjvQ428sGjt2gEsZrfyEAPg_TCUU7Y5qIzPcopwUMU_sdVesWmNv1TXR_26AwLfks2AMQ3HicsCfQEHF202olyVoiBxG4iygE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S2E0SURSeFMxUGpWN0Q1&google_gid=CAESEG_ZnjmfLhZiz9Jh6s6d9xE&google_cver=1&google_push=AavPq0MjvQ428sGjt2gEsZrfyEAPg_TCUU7Y5qIzPcopwUMU_sdVesWmNv1TXR_26AwLfks2AMQ3HicsCfQEHF202olyVoiBxG4iygE
Request Chain 552
  • https://um.simpli.fi/gp_match?google_gid=CAESEG6T56T6IpYwiqtinOL2f6Q&google_cver=1&google_push=AavPq0PVXLWjBi35ctZ6ZYtU5nQPONPZ4a5o3y6uvUMA268YQjjG-fpapLSUYm2FWybjOoQ9cgbBJYXWw6UxdzQD5pNhTyanajefCg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=23C9ED2999A94265B03679AC42E78E13&google_push=AavPq0PVXLWjBi35ctZ6ZYtU5nQPONPZ4a5o3y6uvUMA268YQjjG-fpapLSUYm2FWybjOoQ9cgbBJYXWw6UxdzQD5pNhTyanajefCg
Request Chain 554
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEL0umSLdjD4QQs8Hs3iYZPE&google_cver=1&google_push=AavPq0MHtENfT_klrD61XkyXKTRBL5ba-o3Kl8lbq63w7CaVFMc2Wy4KMjwGq30oDly-h1f67XdsINKfIhhTh9v8qUtIkx_GsKovQOM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MTgxMDEyNzQyNzIwNTI1OQ%3D%3D&google_push=AavPq0MHtENfT_klrD61XkyXKTRBL5ba-o3Kl8lbq63w7CaVFMc2Wy4KMjwGq30oDly-h1f67XdsINKfIhhTh9v8qUtIkx_GsKovQOM
Request Chain 555
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOWFjiDtcx2ME4QvUrQeOfc&google_cver=1&google_push=AavPq0NFFbNvA9IWIwuEHymKwEvRtin3jMcKpslLA6znH-AiyMSGCVJpRtLGHIUY2zSv_TX2XrCO8cvMR-xWRXkDp_1DO-dNTf9Y58w HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=47e3e556-b9c1-48d3-98d0-8ccb568c5e9e HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=47e3e556-b9c1-48d3-98d0-8ccb568c5e9e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=a29bb37c-bc1b-4702-b439-549ca01286c9&ssp=google&expires=30&user_group=5&bsw_param=47e3e556-b9c1-48d3-98d0-8ccb568c5e9e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NFFbNvA9IWIwuEHymKwEvRtin3jMcKpslLA6znH-AiyMSGCVJpRtLGHIUY2zSv_TX2XrCO8cvMR-xWRXkDp_1DO-dNTf9Y58w&google_hm=R-PlVrnBSNOY0IzLVoxeng==
Request Chain 556
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEAKB2NrkrX7bZ34H1KzNlM8&google_cver=1&google_push=AavPq0PbFvJEs3hR_LLQioYnm_nzDtVE0g8lVwPR4SXi0MUesPkQ8waNFyEuUGl0RhQBMNixWMsD2wQV0dX1t71MPVKLFxrYL8n04cs HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAKB2NrkrX7bZ34H1KzNlM8&google_cver=1&google_push=AavPq0PbFvJEs3hR_LLQioYnm_nzDtVE0g8lVwPR4SXi0MUesPkQ8waNFyEuUGl0RhQBMNixWMsD2wQV0dX1t71MPVKLFxrYL8n04cs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0PbFvJEs3hR_LLQioYnm_nzDtVE0g8lVwPR4SXi0MUesPkQ8waNFyEuUGl0RhQBMNixWMsD2wQV0dX1t71MPVKLFxrYL8n04cs

457 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/ 		409 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache / W3 Total Cache/2.2.9
Resource Hash
56088efa2308c496a3caa55c9d0eb98b415679ed793f0f5500df83185e5ae5a0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=3600, public
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Jan 2023 11:36:13 GMT
ETag
"c63a63b10ac53db54f27d2a4ec63c306"
Expires
Mon, 23 Jan 2023 12:36:13 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Mon, 23 Jan 2023 11:36:13 GMT
Pragma
public
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-Powered-By
W3 Total Cache/2.2.9
lazyload.min.js
www.myjoyonline.com/wp-content/plugins/w3-total-cache/pub/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.myjoyonline.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Dec 2022 15:14:19 GMT
Server
Apache
ETag
"1883-5f0945b30dfb4-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2356
wp-emoji-release.min.js
www.myjoyonline.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.myjoyonline.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jul 2022 05:34:25 GMT
Server
Apache
ETag
"48b9-5e2f416caa229-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5009
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZR1Z72A8XW1A3WDS
age
574713
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
bIahX+h1yCpmBAE9ubBopjmg4K0YefSLbpaGXcusNICfXfbdWOo6oRdEc44UbHOgFq8KZX3E7CZMbuS7OVwNdA==
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0h%2BHgN56QDykjn5jcUQULnMDWbOTGGTNqTxrUsRvIMvhMwyQn7ZcRUb8VkT3TXi%2BBYKjSpDNrOxTKwreZBYfvCj4ulgZOf4SK5U9JMjwc1K3fKXZZBt81hwuU6c4D2W19QgK0NyeYc5SejjhfMk9Zqy"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
78e03afe89ddbbdd-FRA
css
fonts.googleapis.com/ 		1 KB
945 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans&ver=6.1.1
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e61b98cfd48dd5fda2b67045ebc64812e2125be27b1b8f699672567ae2d9ed3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 11:36:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 11:15:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Jan 2023 11:36:13 GMT
f402f.js
www.myjoyonline.com/wp-content/cache/minify/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.myjoyonline.com/wp-content/cache/minify/f402f.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 10:38:11 GMT
Server
Apache
ETag
"15851-5ee20e29cb14a-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
30677
8b1d5.js
www.myjoyonline.com/wp-content/cache/minify/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.myjoyonline.com/wp-content/cache/minify/8b1d5.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
eaa653af5e2a278672661f05d1af722339924fc64dc6d314f85a644e1d3e52a1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 10:38:12 GMT
Server
Apache
ETag
"8da-5ee20e2a22fa3-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
750
56d32.js
www.myjoyonline.com/wp-content/cache/minify/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.myjoyonline.com/wp-content/cache/minify/56d32.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 10:38:12 GMT
Server
Apache
ETag
"bd7-5ee20e2a06a7b-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1377
eb8ca.js
www.myjoyonline.com/wp-content/cache/minify/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.myjoyonline.com/wp-content/cache/minify/eb8ca.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
8ca8a4feeb61ae9e7c5b6dc7a7918cf9c214c601be52f73231bb20cec8861c00
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 10:38:12 GMT
Server
Apache
ETag
"18804-5ee20e2a24ee4-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
30097
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-76317721-1
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75fe206d45f477c30ab126dd570d52b795a690f8e0b34b2071b34ab8a9e11876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43992
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Jan 2023 11:36:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5ae5a08b30987e2efb3df7031ab8759a1b30f06d932412475c5778b217c41a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27759
x-xss-protection
0
server
sffe
etag
"1460 / 95 of 1000 / last-modified: 1674466937"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 23 Jan 2023 11:36:14 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VVPMTF49Z0
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd6772baa401ce68f0a9cf3f086d73e8428008bb52164357d132d772ed062b59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77660
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Jan 2023 11:36:14 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:2800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 01:13:29 GMT
content-encoding
gzip
via
1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
AMS54-C1
age
37365
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
BZIH0Yvpls5PfEQrzOV9tZGsFbIMgp1hbNxSRgS2k-0jBzzg1o_PiQ==
expires
Tue, 24 Jan 2023 01:13:29 GMT
index.js
tags.remixd.com/player/v5/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.remixd.com/player/v5/index.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:35:53 GMT
content-encoding
gzip
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
last-modified
Tue, 21 Jun 2022 15:31:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
21
etag
"57b6f8ad4125903b7e06bb427c232d10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=1800
accept-ranges
bytes
content-length
10041
x-amz-cf-id
cUZ5BNNUF13KJ8vZvdAJTp2cs7xxTc-tIZkkvuQbqAwMB9dE70viSA==
outbrain.js
widgets.outbrain.com/ 		250 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d02dc710b58a3c71bf068def9b26347613a4dac4315d6f1eda035b00fb77609

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 10:20:55 GMT
etag
"16-1ORPGHuSnJKUOe4APqRFJ5k3N7E"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
8c37dc9857ec9b7d5944ffc0cf0dc6d
timing-allow-origin
*, *
content-length
88024
1615d.js
www.myjoyonline.com/wp-content/cache/minify/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.myjoyonline.com/wp-content/cache/minify/1615d.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 10:38:12 GMT
Server
Apache
ETag
"1883-5ee20e2a2cbe6-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2356
apstag.js
c.amazon-adsystem.com/aax2/ 		179 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.85.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-85-4.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:09:03 GMT
content-encoding
gzip
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 ecaa40073bdefd3aeab35205d96e7782.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 20:39:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, AMS50-C1
age
1632
x-amz-server-side-encryption
AES256
etag
W/"09722bdf068e1f62e3d9a9e39a8dde87"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
6avGKV2HHyVi5MahaUnKbAmGRoFV5kcBAj4iDdLRIAejDWpTmpz2AA==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:2800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 02:57:12 GMT
content-encoding
gzip
via
1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
AMS54-C1
age
31142
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
g5t-2gPT66KHxrFiF06Ks1RgJmeL9WPfrwcjhhp3p1yOeEsXaJ7DoQ==
expires
Tue, 24 Jan 2023 02:57:12 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeb399f1789ed52132e5a180555cc0e24bf966b03cd0e97792bae7c637e4e229

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5390e9facc0ddb3ebb2236c1c797ba47be28e4173b948f172d133e4f8ce5748e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v18/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c46b18a1ccba221be436881e1649ef1bfd1e656184fcd535e84bc77c77e8e5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 02:21:20 GMT
x-content-type-options
nosniff
age
119694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17912
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 02:21:20 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8MFMMY80NP6BCTAR
age
1675865
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79100
x-amz-id-2
RlxNSM9ba7+zxC6pYf7yzkXqc5ahcaQ0qv4YsIgfq/8bfNef3vgFZ7TKpPKYUlDCOHwtLbH/qCs=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"5dc01cfcd5336f696cb85da7ce53fa9b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHQ23W0GZnfC2m9xu8VORcP9CBT315CHooj8VOXO1AwQNGlLCw7%2Fr5UHTyZ%2Bgq2hzI5FeGsBWlajYXZh%2BbOl2IsjZcrGCdQQW4C2xyFAKXEFy9byFdbEFIwGrFgXPhein9ogOC7PUrOPbREHJH%2FmjgzB"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
78e03aff6bba2c72-FRA
fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RY54NYFCMTZDAT8E
age
1671265
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74288
x-amz-id-2
doOTpeXAISn4zGpFg8ZbUn8Ea6uKcwdwQolfiR9U16hM1zIWxHQ6HxiVTxPKOXRmojahxVuM9r8SDcPvwdJB7g==
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"eac60e8a656781e13d2a674b4d9051c0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1mNkDS%2Bf5Jc5FI2C%2B%2BLCkOp8ghUfodz8yRxD6I5398C7PFesD99w1gQfRAJW3CxDF%2FqSI98Y3aI1KmS4hTzWbWuLpA%2B8J7XroJaJH%2FZ13QJJ3m5Zt3cjj1ZmnZtlPIGd7oTMwSBYsWg0V8kb3yFDtkZ"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
78e03aff6bb72c72-FRA
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5332142a2fbfe3cf57e287e51c2bb0d6e8df91932fc6a3051015a54d967cab0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
w.soundcloud.com/player/ Frame BC9F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1428807427&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-127.ams50.r.cloudfront.net
Software
am/2 /
Resource Hash
50ea53aaa8de06f5f0f72f2ae806505bfb1de3488c28a442da5b315ca05afb30
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html
date
Mon, 23 Jan 2023 11:36:14 GMT
p3p
policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
server
am/2
strict-transport-security
max-age=63072000
vary
Accept-Encoding
via
sssr, 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
x-amz-cf-id
AhAeqmCQGGBFGfGYtUw5Acfo-mKULFBX9nZ6wgvPJL_v_wmnrFkRPQ==
x-amz-cf-pop
AMS50-C1
x-cache
Miss from cloudfront
fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RY51CVV6XMQJBQ06
age
1671265
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14872
x-amz-id-2
t+dOjwFTmv+KejGFXRsQ0jnVl+nFp37gWj8Zl6jSmYavS3G+UIXYZaAcjh7xn1QR8D0U/YDirV0KFT/yba0Psg==
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"4b218302f9057d02864d4909661831e9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmmfWPFW2eTcmsH1xuejNIRuT9TwRw5i%2FG%2BUZwPuJHM4MN4t1cVPOxC7yDmhHofRJ23TASU6KlIKZ2vsBzBPDwwXc9tLPa2QHw0P2jU0UuV90AEtryX7Bqzg9cbWdbS9Ru6GGQzZGCqqFHCg5BS4R0ph"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
78e03aff6bbe2c72-FRA
platform.js
cdn.vuukle.com/ 		199 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/platform.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f7d41310435064aa15d0620251c2a473a016576e68136531c0a7e959b621bf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
br
cf-cache-status
HIT
age
3021
cf-polished
origSize=203470
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 20 Jan 2023 10:44:19 GMT
server
cloudflare
etag
W/"63ca7083-31ace"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
cf-ray
78e03b001da59b6a-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
e816c.js
www.myjoyonline.com/wp-content/cache/minify/ 		198 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.myjoyonline.com/wp-content/cache/minify/e816c.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
6efad1e6bd5fdd0ba9e23498896aa5b19bee073f1a880b427260e4bac3658b94
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 10:38:12 GMT
Server
Apache
ETag
"319e3-5ee20e2a3c5ea-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
44404
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		234 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=myjoyonline.com&domain=myjoyonline.com&path=%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
73bde07cf1f585990d0495c2d122e078446a058082698e43a43f9e11bf38ff5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits
1
date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
714
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
171
x-served-by
cache-hhn-etou8220054-HHN
x-timer
S1674473774.098287,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 21 Jan 2023 11:24:20 GMT
myjoyonline.com
pubcast-files.remixd.com/player-configs/ 		8 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubcast-files.remixd.com/player-configs/myjoyonline.com
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
addec199fcf7a538b4b38ab5464ee3c8f69c0af9bbd0485943029382338ace12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 10:42:06 GMT
age
3248
x-guploader-uploadid
ADPycdu6_JdTstDpkVle5Gvt9to-1kuD7D-FnV1fPrxWxnq-w8fq65jadBSkSQf1xDqHDBUdypYEiVWCFrLLrq7M06AiZQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8372
last-modified
Mon, 31 Oct 2022 16:21:25 GMT
server
UploadServer
etag
"77488f0b6883032e1cd73f40b8eaef2c"
x-goog-generation
1667233285626577
x-goog-hash
crc32c=T0O1Ig==, md5=d0iPC2iDAy4c1z9AuOrvLA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-meta-cache-control
public, no-cache, must-revalidate
x-goog-stored-content-length
8372
accept-ranges
bytes
content-type
application/json
expires
Mon, 23 Jan 2023 11:42:06 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=myjoyonline.com&p=%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&u=F6sa_DUPE0MBLqUIP&d=myjoyonline.com&g=65720&g0=%22Business%22&g1=Emma%20Ankrah&n=1&f=00001&c=0&x=0&m=0&y=4764&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&b=844&t=Bhh-jQD0AFP7CNHZNQBrSJaeCrhHH5&V=139&i=BoG%20directs%20banks%20to%20unilaterally%20roll%20over%20COCOBOD%20investors%27%20bonds%20-%20MyJoyOnline.com&tz=0&sn=1&sv=Dt9mh6B-b7sbDDlqFmBhcFnNChH1Aq&sd=1&im=067b2fff&_
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.231.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-231-107.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 23 Jan 2023 11:36:14 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
popular-posts
www.myjoyonline.com/wp-json/wordpress-popular-posts/v1/ 		55 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.myjoyonline.com/wp-json/wordpress-popular-posts/v1/popular-posts
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/wp-content/cache/minify/56d32.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache / PHP/7.3.13
Resource Hash
66b0ae298a524a79ee6d380a2b609fb15f180589e6b817b3ba2e140db0a795ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

X-WP-Nonce
d59dc15afb
Date
Mon, 23 Jan 2023 11:36:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.3.13
Connection
Keep-Alive
Content-Length
75
Server
Apache
Allow
GET, POST
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.myjoyonline.com
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages, Link
Vary
Origin,Accept-Encoding
Access-Control-Allow-Credentials
true
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=98
Link
<https://www.myjoyonline.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
d3d3Lm15am95b25saW5lLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3Lm15am95b25saW5lLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:14 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=41351
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
32ad9247141f24d3c711cdd1d15e3321
Content-Length
15
Expires
Mon, 23 Jan 2023 23:05:25 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Wed, 22 Feb 2023 11:36:14 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		386 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.myjoyonline.com&pubid=33ad62c7-3412-4428-a63e-5fe3c8ffc47f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.85.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-85-4.ams50.r.cloudfront.net
Software
Server /
Resource Hash
c515abea3632e11f7febff0522cfc2632cbbe1d4aacc03a455571ee6d6e68e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:07:05 GMT
via
1.1 ecaa40073bdefd3aeab35205d96e7782.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS50-C1
age
8948
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.myjoyonline.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
386
x-amz-cf-id
ys2V9Is3U9JSsFgvO4yyJDnwhtI8Kq14cHYfTqlEk5Txi9a7U5cofg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.85.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-85-4.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 042b48eeaf8a253b1b396e09e8bdea20.cloudfront.net (CloudFront)
date
Mon, 23 Jan 2023 02:10:50 GMT
x-amz-cf-pop
AMS50-C1
age
34150
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Z2j_POSjtvdGqJh7H5rcHjQ4I8jL9I9twR7fwIbFR1NtrFAxdCO_UQ==
getGeo
vuukle.com/ 		90 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vuukle.com/getGeo
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cf-ray
78e03b00cec72c65-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loadVuukle
api.vuukle.com/api/v1/Comments/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.vuukle.com/api/v1/Comments/loadVuukle?apiKey=255be353-1ccf-4eea-af0c-86d618375550&articleId=10032247693&globalRecommendation=false&host=myjoyonline.com&start=0&uri=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d34dbfa2a5e71fe0504f8ccca4cac791cdd5472c606b94cd87c2688b76fac09
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
via
1.1 varnish (Varnish/6.2)
content-encoding
br
cf-cache-status
DYNAMIC
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
x-varnish
307181218
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-store,no-cache
access-control-allow-credentials
true
access-control-allow-credentiails
true
cf-ray
78e03b00edbcbb85-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid3.js
cdn.vuukle.com/static/ 		474 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/static/prebid3.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aae6af796749b4e50dfb211439d3bad2c858ac0e744908cbf969d0281f6c6a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
br
cf-cache-status
HIT
age
873052
cf-polished
origSize=634326
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 13 Jan 2023 07:55:15 GMT
server
cloudflare
etag
W/"63c10e63-9add6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=3600
cf-ray
78e03b01683e9b6a-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
myjoyonline.com.json
cdn.vuukle.com/ads/ 		26 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/ads/myjoyonline.com.json
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb9344bf86f85a31d606c8c79ea79eadc775287a9f104756c48833b0b7b10b7

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 23 Jan 2023 10:04:35 GMT
server
cloudflare
etag
W/"63ce5bb3-679c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
78e03b019c3a9a2f-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		0
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27718
x-xss-protection
0
server
sffe
etag
"1460 / 152 of 1000 / last-modified: 1674467004"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 23 Jan 2023 11:36:14 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 18 Jan 2023 10:47:57 GMT
server
cloudflare
x-amz-request-id
FWPRJKZQW4E7H0BP
age
0
etag
W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
78e03b01bdc6902e-FRA
x-amz-id-2
HcWQsuBfpb/Tfik6js3JIQHbUTNSRMBrG4FXNRkoemekMm77LKnHzEBwlVw33JvTHvCYC1TQKYUt6NsJYPhfkw==
sharebar.html
cdn.vuukle.com/widgets/ Frame 7A46 		211 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/widgets/sharebar.html?version=2.17.9
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2b39fd81d9e5dfa7cd19122d29aae241c7dbab8e178b7e87640d27557085d1

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
age
446288
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=10800
cf-cache-status
HIT
cf-ray
78e03b0188bb9b6a-FRA
content-encoding
br
content-type
text/html
date
Mon, 23 Jan 2023 11:36:14 GMT
last-modified
Wed, 18 Jan 2023 07:34:57 GMT
server
cloudflare
vary
Accept-Encoding
placement_invocation
rock.defybrick.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:1000:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:10:03 GMT
content-encoding
gzip
via
1.1 697a26790d3ab8292d8546ca9be87bbc.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
AMS54-C1
age
8771
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
18460
x-amz-cf-id
ZIhLGZ3jqngn5NLEdDPBYID8kW_LI0xXROpDnviGzYdL6Nen6iocrQ==
expires
Mon, 23 Jan 2023 21:10:03 GMT
widget-7-215cba131f00.js
widget.sndcdn.com/ Frame BC9F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.sndcdn.com/widget-7-215cba131f00.js
Requested by
Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1428807427&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5f2f9d02bd1448626ba66bdff4cf213f9d8c0186351b76b13f3b6de8a2c2b2a

Request headers

Referer
https://w.soundcloud.com/
Origin
https://w.soundcloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 06:45:34 GMT
x-amz-version-id
5Dil5723Csbr4JgVOqZQ1X60SemP17m_
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
4164641
x-cache
Hit from cloudfront
last-modified
Fri, 02 Dec 2022 13:11:35 GMT
server
AmazonS3
etag
W/"d4b1983a0bff87588a0b157d86b03e25"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding
x-amz-cf-id
4vMJB5vze0fZ9t6qpija8-naxXdFicFmiMO3vzpW876_3NCJqtRvHw==
widget-8-0b77473c9644.js
widget.sndcdn.com/ Frame BC9F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.sndcdn.com/widget-8-0b77473c9644.js
Requested by
Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1428807427&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a31851b890b6b4806c376c27fd988d946a29f8ebd9bde9edf0c01147a027db53

Request headers

Referer
https://w.soundcloud.com/
Origin
https://w.soundcloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:46:17 GMT
x-amz-version-id
aHaVnyg_L1edzXwtKl0ABirdsLkgtIAB
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
859798
x-cache
Hit from cloudfront
last-modified
Fri, 13 Jan 2023 12:41:42 GMT
server
AmazonS3
etag
W/"dd93e2881c8e948f579c9610be56b9d6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding
x-amz-cf-id
yXTN4IlOsjk6X6KPdWdd8IXK-HjRuS1iB-t9q8tFbmtS33FhUz8j0Q==
widget-9-c1e8ae630fae.js
widget.sndcdn.com/ Frame BC9F 		1 MB
310 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.sndcdn.com/widget-9-c1e8ae630fae.js
Requested by
Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1428807427&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04ffd09228ab1b2b6a2c856284db8483ee807e1f56e245eca6e25ad64064427d

Request headers

Referer
https://w.soundcloud.com/
Origin
https://w.soundcloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:46:17 GMT
x-amz-version-id
yMRNk9tj67tRXofEDx_e7x7e163NMlcW
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
859798
x-cache
Hit from cloudfront
last-modified
Fri, 13 Jan 2023 12:41:42 GMT
server
AmazonS3
etag
W/"a81a01ca8dd614f2adf32be17391b3cb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding
x-amz-cf-id
ieCdhB3FIxIC3kqzAgX9D6qHXrKdMeJtNcMd568HJ9QTLcTMn4HH4A==
standard-player.html
tags.remixd.com/player/v5/players/ 		129 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.remixd.com/player/v5/players/standard-player.html
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f5d73c848836745a93ff7aa540a8f83f9899e3668628f42e9ba0cc6ef5e0b32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
gzip
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
20
x-cache
Hit from cloudfront
content-length
29730
last-modified
Tue, 21 Jun 2022 15:31:59 GMT
server
AmazonS3
etag
"9a2e807a291cbaccaab15c40f0629813"
access-control-max-age
60
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
cache-control
public,max-age=1800
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
mbiDvCbUAfRAtUbgVf7TDKk_sFMBCuyAw9BpPgbIZ0Jqp-UAFPyzeQ==
cnsnt.platform.js
cdn.vuukle.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/cnsnt.platform.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee54185d227b97546b9516a4930f7e72a810488ab8bf9c9ba7f897a782bd0437

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
br
cf-cache-status
HIT
age
2806
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 20 Jan 2023 10:44:27 GMT
server
cloudflare
etag
W/"63ca708b-f2c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=7200
cf-ray
78e03b01f8a2bbb3-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
pubads_impl_2023011101.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 12:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81571
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132552
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 09:35:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 Jan 2024 12:56:43 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		323 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.myjoyonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
417243696703ca6611fd5dd126cb363fec95fd2246247d44cba683d956f9ba67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
140
x-xss-protection
0
expires
Mon, 23 Jan 2023 11:36:14 GMT
collect
region1.google-analytics.com/g/ 		0
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VVPMTF49Z0&gtm=2oe1i0&_p=2059873228&cid=1501366706.1674473774&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674473774&sct=1&seg=0&dl=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&dt=BoG%20directs%20banks%20to%20unilaterally%20roll%20over%20COCOBOD%20investors%27%20bonds%20-%20MyJoyOnline.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VVPMTF49Z0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-76317721-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 23 Jan 2023 10:36:45 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3569
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Mon, 23 Jan 2023 12:36:45 GMT
myjoyonline.com.json
cdn.vuukle.com/ads/ 		26 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/ads/myjoyonline.com.json
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb9344bf86f85a31d606c8c79ea79eadc775287a9f104756c48833b0b7b10b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 23 Jan 2023 10:04:35 GMT
server
cloudflare
etag
W/"63ce5bb3-679c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
78e03b037f399a2f-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bq-publish
publish.vuukle.com/ 		29 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22view_page%22,%22hashed_email%22:%22$4bab59-373d-46e2-a7e4-44478ebfb3dc%22,%22hostname%22:%22255be353-1ccf-4eea-af0c-86d618375550%22,%22pubdomain%22:%22myjoyonline.com%22,%22refDomain%22:%22%22,%22sessionId%22:%22e65b7a93-bc7d-44a8-bc40-a411b509609c%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22BoG%20directs%20banks%20to%20unilaterally%20roll%20over%20COCOBOD%20investors%20bonds%20-%20MyJoyOnline.com%22,%22article_id%22:%2210032247693%22,%22hashed_article_url%22:%22myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F%22,%22referrer%22:%22emmaamanoahankrah@gmail.com%22,%22tags%22:%22National%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22}&_=1489139930741
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1695 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97fd90ef746f6ef3dd8fca95e7876067f0886e31fa657470635fdeb136845ee1
Security Headers
Name Value
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-allow-credentials
true
cf-ray
78e03b037b3c2c65-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
cropped-joychristmas.png
www.myjoyonline.com/wp-content/uploads/2022/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.myjoyonline.com/wp-content/uploads/2022/12/cropped-joychristmas.png
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
8e8add0c0316a42e776f9ceb5d9b6af087ae2e99f8474d45456e44aaff268597
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Dec 2022 03:58:26 GMT
Server
Apache
ETag
"6ab6-5f08aea08373c-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
27341
COCOBOD.jpg
www.myjoyonline.com/wp-content/uploads/2020/10/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.myjoyonline.com/wp-content/uploads/2020/10/COCOBOD.jpg
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
d767cd5c10c702bf073c69dd55dbed1f35c9a584b8a8c516fe64609f7365f157
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Oct 2020 21:18:43 GMT
Server
Apache
ETag
"e900-5b12f60784602-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
59581
FUtg69tL.js
cdn.jwplayer.com/libraries/ Frame 341A 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/FUtg69tL.js
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6e00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
242afeb2e37b89565d37e36f17c901848b69b195d8b736c59d79060e51476cc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:33:44 GMT
content-encoding
gzip
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA53-C1
age
150
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
42417
x-amz-cf-id
2X-lkb_chtHTJXsaMFuGCAFRzZRzcjYTsNIvt8S3KIrM9EMD5sG8rQ==
show_pla
flint.defybrick.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=14051790188711755780291229986100848705371789119305096716028854809707&nc=0&tsf=0&tsfmi=&pv=0&cb=1674473774764&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=981103988&at=&bid=e30%3D&di=W1siZWYiLDUyODBdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6OCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEwNTE2%0D%0AOTQwODksXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjQsZVlHOVgxL1gxdFpsUzIyZDUxeDhZTlk5TXhKUUVNQ2RVQkhK%0D%0ATDg2TDIzQUNHVWhCSXdJU1NFRUFjSUpmUmVBZ1FJRUZvSW5kQ3h3UVhqaG8yNzE5Nm1Nak92L3I4%0D%0ANzB1eHFGeCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6%0D%0AZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19%0D%0AIl0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MC4wMDgzMzMzMzMzMzMzMzMz%0D%0AMzN9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0x%0D%0AOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEy%0D%0AMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMTUwMTM2NjcwNi4xNjc0%0D%0ANDczNzc0Il0sWy0yMSwicmhoc0hSSUgiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJd%0D%0ALFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoxOTMwMDAwMCxcInVqaHNcIjox%0D%0ANjEwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDEwLDAsXCI0Z1wiLG51bGxd%0D%0AIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwy%0D%0ALDAsMCwyLDIsMiwyLDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwi%0D%0ALSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NzQ0NzM3NzQ3MzYsMF0iXSxbLTM2LCJb%0D%0AXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMCww%0D%0ALDEsMCwxLDIyMCwzNDIsMTg5LDAsNzMwLDczMCwxNDgyLDE0ODMiXSxbLTM5LCJbXCIyMDAzMDEw%0D%0AN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4%0D%0ALGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0s%0D%0AWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwi%0D%0ALSJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4%0D%0ALCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiw2OF1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A282%2C%22y%22%3A4731%2C%22w%22%3A680%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=dJ3rnC6o25&sdd=%7B%7D&pto=1512
Requested by
Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
ce9a77468145854567aacdd2566763baad0d40f143739a69080919805fc29310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Mon, 23 Jan 2023 11:36:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1608
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
8c082bece010e3d7fb4120f165a47bb64f589a22abcef2935485c58eb544f246
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.myjoyonline.com
date
Mon, 23 Jan 2023 11:36:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2c04c546b4efce9f6c9ff078f7b639e2e128eb9fbaf9e858184e1ad775f55099

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.myjoyonline.com
date
Mon, 23 Jan 2023 11:36:15 GMT
content-length
54
vary
Origin
content-type
application/json
logo-200x120-3190df52.png
widget.sndcdn.com/assets/images/ Frame BC9F 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget.sndcdn.com/assets/images/logo-200x120-3190df52.png
Requested by
Host: w.soundcloud.com
URL: https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/tracks/1428807427&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true&visual=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w.soundcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 May 2022 11:03:38 GMT
x-amz-version-id
fjMLnrYDEAZSNPr67efuoC281aMLByHT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
21169957
x-cache
Hit from cloudfront
content-length
3745
last-modified
Mon, 16 May 2022 07:11:00 GMT
server
AmazonS3
etag
"a1591e5274b36cfbae3e167dffe49970"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
5XRmizANKz5fHvY7cc494peXJDFhWIhFwN7pBio5ntjzsnMt0vu6Jw==
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1674473774899&sessionId=d969b226-d0a3-3c80-cec3-3aaacef41fb4&url=www.myjoyonline.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 11:36:15 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
d0d91cac946b2d7eaad4971e9c578779
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&srcUrl=https%3A%2F%2Fwww.myjoyonline.com%2Ffeed%2F&idx=0&rand=52015&key=NANOWDGT01&widgetJSId=AR_2&va=true&et=true&format=html&adblck=false&abwl=false&clid=d969b226-d0a3-3c80-cec3-3aaacef41fb4&fdu=www.myjoyonline.com&px=282&py=4731&vpd=3531&cw=680&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=201091&sig=rhhsHRIH&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
45fa01b9bf48281c8b7e8aed1e3240073804b9b24425361d55e02608b1fc0bf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1674473775.045369,VS0,VE114
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13627-LGA, cache-fra-eddf8230037-FRA
x-traceid
8642fa1664af3de15b67c2c681e62246
accept-ranges
bytes
content-length
3033
expires
Thu, 01 Jan 1970 00:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&pid=jNoQYaeXx75vM&cb=0&ws=1600x1200&v=23.112.1442&t=2000&slots=%5B%7B%22sd%22%3A%22mjo-article-leaderboard_top%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-leaderboard_top%22%7D%2C%7B%22sd%22%3A%22mjo-article-right_rectangle_top%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-right_rectangle_top%22%7D%2C%7B%22sd%22%3A%22mjo-article-right_rectangle_top1%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-right_rectangle_top1%22%7D%2C%7B%22sd%22%3A%22mjo-article-right_rectangle_top2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-right_rectangle_top2%22%7D%2C%7B%22sd%22%3A%22mjo-article-left_rectangle_mid%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-left_rectangle_mid%22%7D%2C%7B%22sd%22%3A%22mjo-article-right_rectangle_mid%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-right_rectangle_mid%22%7D%2C%7B%22sd%22%3A%22mjo-article-right_rectangle_mid1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-right_rectangle_mid1%22%7D%2C%7B%22sd%22%3A%22mjo-article-right_rectangle_mid2%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-right_rectangle_mid2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1584539723739-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-fluid%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1635764376135-0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fseedtag_myjoyonline_oop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1649009341342-0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-1x1%22%7D%2C%7B%22sd%22%3A%22in-article%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-left_rectangle_mid1%22%7D%2C%7B%22sd%22%3A%22in-article1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-left_rectangle_mid1%22%7D%2C%7B%22sd%22%3A%22in-article2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-left_rectangle_mid1%22%7D%5D&pj=%7B%22adRefresh%22%3A%221%22%7D&schain=1.0%2C1!atunwadigital.com%2C1000000010%2C1%2C%2CAtunwa%2520Digital%2520LLC%2Catunwadigital.com&pubid=33ad62c7-3412-4428-a63e-5fe3c8ffc47f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
NFA3HGBTJR5SMH7AS2VE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
thTB0TbP9Ta_SnC6_Ii6Fm-mI9UiNO-c7xDXGVdoHW3Wr_iM2ge0Zw==
1002554
fundingchoicesmessages.google.com/i/ 		122 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/1002554?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbeefc618c29fd41bfef07437087f6ea3cee45a8a454c43763f82f01cb4b8750
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-t64yZcgbqXElpy-gwvIHAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-t64yZcgbqXElpy-gwvIHAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
39086-873205-634664-183403
api-widget.soundcloud.com/assignments/ Frame BC9F 		660 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-widget.soundcloud.com/assignments/39086-873205-634664-183403?layers=widget_listening&format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1673613681
Requested by
Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-c1e8ae630fae.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.14.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-14-48.vie50.r.cloudfront.net
Software
am/2 /
Resource Hash
21967403074915c562efb5adf32c0b1322faa7823e45fb6076ee375972ead008
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://w.soundcloud.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:15 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
Via
1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
VIE50-P1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
181
x-px-score
0
referrer-policy
no-referrer
Server
am/2
x-frame-options
DENY
access-control-max-age
1728000
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://w.soundcloud.com
access-control-allow-methods
DELETE, GET, PATCH, POST, PUT
access-control-expose-headers
Date
Cache-Control
private, max-age=0
access-control-allow-credentials
true
Vary
Origin
x-robots-tag
noindex
access-control-allow-headers
Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id
bPxzrI5Jw41duopt_eucyM02sy8JZQ8fd5UbU1pLDe517n8wgGvl6g==
css2
fonts.googleapis.com/ Frame 341A 		3 KB
588 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5941bbcfc82fe73f86b9ae9564a319e9b39ece69f05473f767b85df011a208d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 10:03:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Jan 2023 11:36:15 GMT
ping.gif
player-files.remixd.com/ Frame 341A 		43 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player-files.remixd.com/ping.gif?action=playerImpression&userId=null&referrerUrl=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&domain=myjoyonline.com&adDuration=&inViewDuration=&sessionDuration=1&sessionId=884a29d7-d3a6-4bf9-a1da-0e554038c8ff&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
x-guploader-uploadid
ADPycdubyETTw4Lw2vXLf8s9Fu-QOgodBgqAjfkUJH-W097XiC9IRTIrBs54L-HVzwx95bshWQCPOF-rzKOKR6qtUoldQw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Tue, 23 Jan 2024 11:36:15 GMT
ping.gif
player-files.remixd.com/ Frame 341A 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player-files.remixd.com/ping.gif?action=loading&userId=null&referrerUrl=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&domain=myjoyonline.com&adDuration=&inViewDuration=&sessionDuration=2&sessionId=884a29d7-d3a6-4bf9-a1da-0e554038c8ff&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
x-guploader-uploadid
ADPycdtkeRSnWV6zB3Z8LHU70qeuBsJTVDsN3U3Bho5-ZrC0nfc5RUlme9coya_-Q-gsbCpcRj7Dx9hH_HWU66mmwq331g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Tue, 23 Jan 2024 11:36:15 GMT
ping.gif
player-files.remixd.com/ Frame 341A 		43 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player-files.remixd.com/ping.gif?action=loaded&userId=null&referrerUrl=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&domain=myjoyonline.com&adDuration=&inViewDuration=&sessionDuration=3&sessionId=884a29d7-d3a6-4bf9-a1da-0e554038c8ff&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
x-guploader-uploadid
ADPycdtcEk-TztqrDJrYMqY3YA5JCb1x-v_DRDGdoGdNf7hLPOJDPMZsEUToT9uBIR-fwAPV7lwZguw7iLvaYawuvwdPGg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Tue, 23 Jan 2024 11:36:15 GMT
collect
www.google-analytics.com/j/ 		2 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2059873228&t=pageview&_s=1&dl=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ul=en-us&de=UTF-8&dt=BoG%20directs%20banks%20to%20unilaterally%20roll%20over%20COCOBOD%20investors%27%20bonds%20-%20MyJoyOnline.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=198854417&gjid=1248456038&cid=1501366706.1674473774&tid=UA-76317721-1&_gid=1980510038.1674473775&_r=1&_slc=1&gtm=2ou1i0&z=1706371891
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=2059873228&t=event&_s=2&dl=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ul=en-us&de=UTF-8&dt=BoG%20directs%20banks%20to%20unilaterally%20roll%20over%20COCOBOD%20investors%27%20bonds%20-%20MyJoyOnline.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Audio%20Article&ea=audio_article_loaded&el=Audio%20Article%20Player&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1501366706.1674473774&tid=UA-76317721-1&_gid=1980510038.1674473775&gtm=2ou1i0&z=942601852
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 10:07:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5308
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
config.js
cdn.confiant-integrations.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/ 		122 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/config.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f62fd07dfa09c17b33bf5c23745a7e563edde4b0dded011e1d8e54cb133652b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jan 2023 11:08:57 GMT
server
cloudflare
x-amz-request-id
SQ5A21896S7X2G8W
age
786
etag
W/"428978d12475657cecb4320413ee438f"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
78e03b067ca22bfe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
+stZZ9Y9eyi+ei9wvpzcF/Bb1lK8uVWZAWAr4ncepvdDdVOxQ6ain0BtYj3AL7ebWeN1NEedMI8=
/
id.a-mx.com/sync/ 		102 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/&v=7.28.0&vg=vuuklehb&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e03a20d6832e6408f2a260d8ab5d3621d9ea64252e3a27cfe451be34064d23c

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dr50IxSjllt4roeugNs%2FAC%2Bw%2BcIpggfElOo3%2BoSsbcQVFDqu%2BfsBLbj1gqnWFJuY8FPOpg%2BdfOm8P1amIDFRpP7LO91hbhpUPznIgo359jxMB4A1tVzJmzP9b5rV28RjwlHEVZa8q1SbNw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-type
application/json
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
78e03b068b209a15-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 341A 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:46:44 GMT
x-content-type-options
nosniff
age
308971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20960
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 21:46:44 GMT
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 341A 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 17:13:29 GMT
x-content-type-options
nosniff
age
584566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21144
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:43:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 17:13:29 GMT
1065.json
id5-sync.com/g/v2/ 		216 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1065.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a9e1faa9ff9341bf201a5d6a70a64c967dea929167a480a499d44e9d05edcef3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.myjoyonline.com
date
Mon, 23 Jan 2023 11:36:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212211045/ 		216 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 15:47:15 GMT
server
cloudflare
x-amz-request-id
0FFB18QNAARP6GSD
age
928221
etag
W/"fa407ba001f2ac06196124f41d523471"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
78e03b06ccfb2bfe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
DW2dGSr5+LiEQqc+1WKQPOfVXNujKuX8uqkd/xboOZb5ctxwFbudPVObP6wNBnc0m1iDqmh1cug=
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1674473775176&sessionId=d969b226-d0a3-3c80-cec3-3aaacef41fb4&url=www.myjoyonline.com&cheqSource=1&cheqEvent=2&responseTime=845
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 11:36:15 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
caf44640f04262a723b5e39c3c5c1582
Content-Length
4
Expires
0
imp.gif
flint.defybrick.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136deac332e9408d989225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714793d75066f578afe6d6e54719bd488ebd39e821da61c45085052aae2d05f91e4604299e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1108f77f6aac91107ae9dceb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f82d5e1a68dbde24c22a026b3eef92a5034b88530c1e740e2404055d65c5c80d3d4888fbc9227c32c90c6f5ae53df5f5b1aa35e64cfc6921871d0ba70f902e6974ec72dfd2b411a0ecd66eb5f8b9cfb7cead56f965ca9cfcbcb69ce010478e84b585c654173dca16fba4ed8cbcb25a89128f29d20d185f8b16f8cbbe1106665c7e85345d6b7045c4de2e1ad3ffa7ccfa918b0a26daf3bf86e8813915684f06d844f73f9fdcd35606e7d5173570054b7a6d5288a56f514091d36eaa85d8bcd0a06ffa4cdf8e93d81b2baee8cf9b3e309132ef12c87aa446f81447918d56541726fff67b27019c3f7dc658a64cb3888ad28d1a50e9f7b133c26027e7e80d2b7c9366921ef0a598781cbb1b1d64140cfa2b7798add302e9a94477e1aa6d4871278e9709755db58a66a8700988801f2ba7f&cb=1674473775176&cri=dJ3rnC6o25
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Mon, 23 Jan 2023 11:36:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
widget-0-c70028204221.js
widget.sndcdn.com/ Frame BC9F 		203 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.sndcdn.com/widget-0-c70028204221.js
Requested by
Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-8-0b77473c9644.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46ea76ed91252c472d6abeeef1484a8704b49ef56533fcb90edef5bc2a9fc0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w.soundcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 12:46:18 GMT
x-amz-version-id
MrNh0SSYno9xNiKf7HoDBfFZGjz_AQXI
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
859798
x-cache
Hit from cloudfront
last-modified
Fri, 13 Jan 2023 12:41:41 GMT
server
AmazonS3
etag
W/"81b2475e5603e94493ad6ad8a333d441"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding
x-amz-cf-id
E1V6xNLQF6a8hIqp6TC2K54Ec8v6YjbmKeOI1XbUfCyJNQHIblay-w==
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
expires
Wed, 22 Feb 2023 11:36:15 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=48d5b940698befb5267d8ea1f188ece2_4853_1674473775112&tm=1059&eT=0&widgetWidth=680&widgetHeight=40&widgetX=283&widgetY=4741&wRV=201091&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=280&oo=true&lo=855&odbreq=1647&odbres=1927&cet=4g&to=1674473773255&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 23 Jan 2023 11:36:15 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
1baf8ea9a40414df178ab0677b32bc25
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
streamFeed.js
widgets.outbrain.com/nanoWidget/201091/module/ 		254 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/201091/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8a90b3390e779e55dc8c1372fc0f62288b76cf4dfa1a691e9e9bc80e2d324ba7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 10:19:53 GMT
server
AkamaiNetStorage
etag
"80ae4b191ebacfba7528456628181d34:1674470970.339763"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
159
expires
Mon, 30 Jan 2023 11:36:15 GMT
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"b79638966e0374c455e78107aee59bf4:1673369411.171576"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7647
expires
Wed, 22 Feb 2023 11:36:15 GMT
AGSKWxUIc-9ZPdumgoV5907kvNUo0k3gD53JtHl_NrS3ryzqhkh47aCl-yzAE2PjkeXg0bB4jhG5iyQOgvuRzmlytio=
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUIc-9ZPdumgoV5907kvNUo0k3gD53JtHl_NrS3ryzqhkh47aCl-yzAE2PjkeXg0bB4jhG5iyQOgvuRzmlytio=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc0NDczNzc1LDI0OTAwMDAwMF0sIkU4RTQxRDg2LTFBMzgtNDQ3Ni1BODc3LTlDMDIyRkZCRjNEMyIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly93d3cubXlqb3lvbmxpbmUuY29tL21vbmllcy1wYWlkLWJ5LWNvY29ib2QtdG8taW52ZXN0b3JzLXdoby1wdXJjaGFzZWQtY29jb2EtYmlsbHMtd2l0aGRyYXduLyIsbnVsbCxbWzgsIlZRWnBPTk5LYTVzIl0sWzksImRlIl0sWzE2LCJbdHJ1ZSx0cnVlLHRydWVdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
88c9d544b86bfe9622d5ff27db77308be057a5370e615e9b18f072246d366d88
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1vG8UEZ1BQ1qTQqQ3mR_1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-1vG8UEZ1BQ1qTQqQ3mR_1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3316763044018593&correlator=1682310012156159&eid=31070909%2C31071324&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&npa=1&iu_parts=213794966%3A1002554%2Cvuukle-widget%2Cmyjoyonline.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C272x391%7C272x360%7C300x250%7C300x50%7C312x260%7C320x50%7C320x250%7C320x320%7C320x100%7C327x272%7C335x250%7C336x280%7C360x360%7C360x250%7C364x303%7C364x373%7C366x305%7C366x375%7C366x359%7C372x250%7C374x250%7C375x375%7C384x320%7C387x359%7C400x300%7C400x250%7C412x412%7C414x414%7C468x60%7C480x300%7C600x410%7C600x400%7C600x300&ifi=1&adks=109319723&sfv=1-0-40&prev_scp=adInView%3D0-24%2525%26impressionViewable%3D0%26refreshIteration%3D0&eri=5&cust_params=amznbid%3D0%26amznp%3D0%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26words%3Dmonies%252Cpaid%252Cby%252Ccocobod%252Cto%252Cinvestors%252Cwho%252Cpurchased%252Ccocoa%252Cbills%252Cwithdrawn%26commit%3Ddeb96a281ec490c4c1393b617ae56cb66fa48b5a%26unblockia%3D0%26source%3Ddirect_internal%26CMP_accepted%3D0%26geo%3DDE%26device%3DDesktop%26order%3D7%26api_key%3D255be353-1ccf-4eea-af0c-86d618375550&sc=1&cookie_enabled=1&abxe=1&dt=1674473775324&dlt=1674473773606&idt=1305&adxs=498&adys=3580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&frm=20&vis=1&psz=680x330&msz=680x0&fws=4&ohw=680&ga_vid=1501366706.1674473774&ga_sid=1674473775&ga_hid=2059873228&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be36fa26bd14e5a187afea733b8f8b23b7a52026d366d7bbe03738c03e6512bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10445
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8D7B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:15 GMT
expires
Tue, 23 Jan 2024 11:36:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
resolve
api-widget.soundcloud.com/ Frame BC9F 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-widget.soundcloud.com/resolve?url=https%3A//api.soundcloud.com/tracks/1428807427&format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1673613681
Requested by
Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-c1e8ae630fae.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.14.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-14-48.vie50.r.cloudfront.net
Software
am/2 /
Resource Hash
cfe869e50b9b346e9b128d60a63f479647e75060c39c8f5790cbc88796a54eed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://w.soundcloud.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:15 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
Via
1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
VIE50-P1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
1428
x-px-score
0
referrer-policy
no-referrer
Server
am/2
x-frame-options
DENY
access-control-max-age
1728000
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://w.soundcloud.com
access-control-allow-methods
DELETE, GET, PATCH, POST, PUT
access-control-expose-headers
Date
Cache-Control
private, max-age=0
access-control-allow-credentials
true
Vary
Origin
x-robots-tag
noindex
access-control-allow-headers
Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id
ykFola1ZDt9MdL4sAJc_1m_c1zEgc3YBEx-u8lSdy64nUY-49Z8-dg==
get
mv.outbrain.com/Multivac/api/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&settings=true&recs=true&widgetJSId=AR_2&key=NANOWDGT01&version=201091&apv=false&sig=rhhsHRIH&format=html&rand=50826&osLang=en-US&seid=null&va=true&et=true&cmpStat=0&ccpaStat=0&srcUrl=https%3A%2F%2Fwww.myjoyonline.com%2Ffeed%2F&scrW=1600&scrH=1200&t=NDhkNWI5NDA2OThiZWZiNTI2N2Q4ZWExZjE4OGVjZTI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11741-81572&layeredTestInfo=11741-81572-,12475-0-&clss=ChQfrzhMHLvZlxUou%2FY%2FqGw6D9qM%2BUlByZzGA7to2TBLFf3rgQlkH5xBPUrdubr6uo11IRd9jy7%2F4urz&dpr=1&cw=680&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&chs=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed9afe72ae25dd8b41ac5605c97cfe49fe6e788966bac7ff1949b371371e3284

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1674473775.377167,VS0,VE333
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13627-LGA, cache-fra-eddf8230037-FRA
x-traceid
e4d09c3756b9871b030e1b5147fd61db
accept-ranges
bytes
content-length
15123
expires
Thu, 01 Jan 1970 00:00:00 GMT
avatars-ok9Bsb2DgkBhwnMM-Yda9rA-t500x500.jpg
i1.sndcdn.com/ Frame BC9F 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.sndcdn.com/avatars-ok9Bsb2DgkBhwnMM-Yda9rA-t500x500.jpg
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
/
Resource Hash
d4e6f8e323458aa8091482ac77b79e4fa6c3a75ee375ada0db8ebec6222f7588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w.soundcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:58:25 GMT
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1935470
x-cache
Hit from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public,max-age=3628800
access-control-allow-headers
Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length
30093
x-amz-cf-id
5BC4LrOUwe6pTS650gW8i_dnANUOCnVFlZA9AxDDCyLeuHFp_0aDQQ==
share-b41e1876.svg
widget.sndcdn.com/assets/images/ Frame BC9F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget.sndcdn.com/assets/images/share-b41e1876.svg
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b8791800987b9daa27029db8bf4599bd773b3110a72a4f5d1ea664509a74e65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w.soundcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 16:28:59 GMT
x-amz-version-id
g4tT6_KFLMbQfPcoqSVGMaj1SybuUFV6
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
3092837
x-cache
Hit from cloudfront
last-modified
Mon, 12 Dec 2022 12:01:45 GMT
server
AmazonS3
etag
W/"9423d7e2eeb4c8673077486ceea2e516"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding
x-amz-cf-id
nvpYiVSzv2pRgcUVuZT-TORmUg5VzJV-m1uf9dbkAvfiIT3hrD0MXw==
truncated
/ Frame BC9F 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3e74dbd9087c9f65fc9dd5ee31569b89224f667cab7edafd6ba15890201c2d

Request headers

Referer
Origin
https://w.soundcloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
font/woff
avatars-ok9Bsb2DgkBhwnMM-Yda9rA-t500x500.jpg
i1.sndcdn.com/ Frame BC9F 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.sndcdn.com/avatars-ok9Bsb2DgkBhwnMM-Yda9rA-t500x500.jpg
Requested by
Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-0-c70028204221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
/
Resource Hash
d4e6f8e323458aa8091482ac77b79e4fa6c3a75ee375ada0db8ebec6222f7588

Request headers

Referer
https://w.soundcloud.com/
Origin
https://w.soundcloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:58:25 GMT
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1935470
x-cache
Hit from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public,max-age=3628800
access-control-allow-headers
Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length
30093
x-amz-cf-id
BkfFhIK5RerUnzF6DBdJzquozlHZgqr1nMR51XfwTmTFndWhgeo3vQ==
hls
api-widget.soundcloud.com/media/soundcloud:tracks:1428807427/3bab078c-54a4-44c8-8241-fca5f32b2e27/stream/ Frame BC9F 		697 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-widget.soundcloud.com/media/soundcloud:tracks:1428807427/3bab078c-54a4-44c8-8241-fca5f32b2e27/stream/hls?client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR
Requested by
Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-c1e8ae630fae.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.14.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-14-48.vie50.r.cloudfront.net
Software
am/2 /
Resource Hash
56913dc37967caedea5906092ab3399d27f038baf0d1671eb566dedd125df7dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w.soundcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:15 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
Via
1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
VIE50-P1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
587
x-px-score
0
referrer-policy
no-referrer
Server
am/2
x-frame-options
DENY
access-control-max-age
1728000
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://w.soundcloud.com
access-control-allow-methods
DELETE, GET, PATCH, POST, PUT
access-control-expose-headers
Date
Cache-Control
private, max-age=0
access-control-allow-credentials
true
Vary
Origin
x-robots-tag
noindex
access-control-allow-headers
Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id
-Vkg10sKDNoQdhg-q00S3LdxMWym3fg1sOuGYqG_8zOyjwJUJQwVCg==
avatars-ok9Bsb2DgkBhwnMM-Yda9rA-t500x500.jpg
i1.sndcdn.com/ Frame BC9F 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.sndcdn.com/avatars-ok9Bsb2DgkBhwnMM-Yda9rA-t500x500.jpg
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
/
Resource Hash
d4e6f8e323458aa8091482ac77b79e4fa6c3a75ee375ada0db8ebec6222f7588

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w.soundcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:58:25 GMT
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1935470
x-cache
Hit from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public,max-age=3628800
access-control-allow-headers
Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length
30093
x-amz-cf-id
cU9NNWcemWg4Ss519khvCM4N2ByXgRsMbOOcJco5ANIQGLENmIoXKA==
nqWNzLCXcvJG_m.json
wave.sndcdn.com/ Frame BC9F 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wave.sndcdn.com/nqWNzLCXcvJG_m.json
Requested by
Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-c1e8ae630fae.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-10.fra56.r.cloudfront.net
Software
am/2 /
Resource Hash
be26b6303ebfdff0716d97fb203fcbe8bade41f925107ae54077874c79015b19

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://w.soundcloud.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 18:45:37 GMT
Content-Encoding
gzip
Via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P7
Age
233438
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Server
am/2
Vary
Accept-Encoding
access-control-allow-methods
GET
Content-Type
application/json
access-control-allow-origin
*
Cache-Control
public, max-age=155520000
access-control-allow-headers
Accept, Accept-Encoding, Authorization, Content-Type, Origin
X-Amz-Cf-Id
kw0DICc3BroWlOvlXdyx09nkbqNnWi1sh4T6e7mKg7-z4yyUcFKrgA==
reel.js
widgets.outbrain.com/nanoWidget/201091/module/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/201091/module/reel.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
88b45b1b574945d5d914360068abd2e2c0225c98a443715015b15ce0666d3b9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 10:19:53 GMT
server
AkamaiNetStorage
etag
"cbae3f6b3820bd43c0340287d8aaca73:1674470959.810995"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
8689
expires
Mon, 30 Jan 2023 11:36:15 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=969350d28020b191711db9a0a1df6dc8_4853_1674473775607&tm=1601&eT=0&widgetWidth=680&widgetHeight=453&widgetX=283&widgetY=4793&wRV=201091&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=351&oo=true&lo=855&odbreq=1647&odbres=1927&mvreq=2115&mvres=2468&re=2471&cet=4g&cs=1&to=1674473773255&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 23 Jan 2023 11:36:15 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
0407a2a268da5b2c118ee624baa500de
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
avatars-ok9Bsb2DgkBhwnMM-Yda9rA-t500x500.jpg
i1.sndcdn.com/ Frame BC9F 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.sndcdn.com/avatars-ok9Bsb2DgkBhwnMM-Yda9rA-t500x500.jpg
Requested by
Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-0-c70028204221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-8.fra56.r.cloudfront.net
Software
/
Resource Hash
d4e6f8e323458aa8091482ac77b79e4fa6c3a75ee375ada0db8ebec6222f7588

Request headers

Referer
https://w.soundcloud.com/
Origin
https://w.soundcloud.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 01:58:25 GMT
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1935470
x-cache
Hit from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public,max-age=3628800
access-control-allow-headers
Accept, Accept-Encoding, Authorization, Content-Type, Origin
content-length
30093
x-amz-cf-id
vhKqGQL6L_HBNCA31ZB9zvARa-S7ab40iC3HWepmqMOfeqv7PfF5Rg==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:21:41 GMT
via
1.1 google
age
874
x-guploader-uploadid
ADPycdtuAdxAxsdx8wDEG6biT5D44S2o2HHKfI0ibf3GtnUJjrxkxE8J8EkvqwQdKHOFdiMzP7ePQv1oORtJlowHHQJFectmR5c1
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1258
last-modified
Fri, 29 Jul 2022 16:55:09 GMT
server
UploadServer
etag
"f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation
1659113709880056
x-goog-hash
crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1258
accept-ranges
bytes
expires
Mon, 23 Jan 2023 12:21:41 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-7.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 06:09:48 GMT
content-encoding
gzip
via
1.1 63cf97e5788a160a76e89d4e12e2ca28.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 20:08:05 GMT
server
AmazonS3
x-amz-cf-pop
AMS50-C1
age
19588
x-amz-server-side-encryption
AES256
etag
W/"87ee016ad429d1c83712b8d81ccb3c59"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
cIRBCIfwE3-ZAXdGbea-XgIbz6JuXC4-09cv2Xffngp6H6JOEXqv5w==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:e000:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 04:07:40 GMT
Via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
VIE50-P1
Age
26916
ETag
"aded621b17723f487b3c9d0e43cf2f94"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
pHHDz1oweY8ch7QSUx_dE1i0BHzfxuG6ViaMDsiWxhzU3gyQN3FC_A==
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 18 Jan 2023 10:47:58 GMT
server
cloudflare
x-amz-request-id
SA6HX3EQ47WC1XE3
age
2845
etag
W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
78e03b0a7c45902e-FRA
x-amz-id-2
79htdQ19spsqbMsNoVBRii35mzPQHvikWi7aJxn5SqG/UqOCZhz0q3HBXssmXjmjVXk3tTNwmSU=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9584
x-jsd-version
master
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mhvr6vfLXepoxkqDSzR4GJ2Y8GARvGcNM%2Fy1gXrqDD%2FQY25TopYPoUsoNsdzv%2B%2F7fAGCGByHVTaFdYUftgSVgAlh2b0qb3DbUUSKn5eMvYi%2FaBq7DDhkXAdwWVh2GeKO9Grq%2BvDNpuhKguf%2F7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
78e03b0aa8db926b-FRA
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7ea9327b36f8ea3355ad8a33cf7bd5735cbf2e11ed96744279181a0fedd2401e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 18 Jan 2023 01:20:50 GMT
server
nginx
etag
W/"63c74972-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Jan 2023 11:36:15 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 20:50:09 GMT
content-encoding
gzip
age
1349166
x-guploader-uploadid
ADPycdt6iN4_QwReAjSC_LRG7vKFAXTDxCKMV2GXbUWI2CZkbUxvp16CdJB4GM5IU0zxTYK5GU9096eqDzRaDtbKrSxd5sgqSB-S
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 07 Jan 2024 20:50:09 GMT
container.html
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 626A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:15 GMT
expires
Tue, 23 Jan 2024 11:36:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
playlist.m3u8
cf-hls-media.sndcdn.com/playlist/nqWNzLCXcvJG.128.mp3/ Frame BC9F 		27 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cf-hls-media.sndcdn.com/playlist/nqWNzLCXcvJG.128.mp3/playlist.m3u8?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLWhscy1tZWRpYS5zbmRjZG4uY29tL3BsYXlsaXN0L25xV056TENYY3ZKRy4xMjgubXAzL3BsYXlsaXN0Lm0zdTgqIiwiQ29uZGl0aW9uIjp7IkRhdGVMZXNzVGhhbiI6eyJBV1M6RXBvY2hUaW1lIjoxNjc0NDc0MjYxfX19XX0_&Signature=cv6HtxrDyXMfJ5n-OksFZJcmJJ8V10J51B1Z85UOJ87MT0wNdOGBRlE9rQuH3Y-2xfV27KDtVROoxfXb~VqExrMmtX~ZAo-ddrelR2~av6YmLPdMaeK2ohvL1fP8Ji0OMaTzJwvpsYDCO3frRCXt9gcFZfuV1U-n9XPCkq4oLlQHzC7NPr7HWL~h4XlmGh0K7ourYqqOEVWWpZfQjtTASgf4w-zNaZ0KjvnisZf3Law5c0MJ-n4TZgroDdXukKV72eXaqicj9yBjyQe34rq-Yw~0YuB6BbftSa~7VrekC~hUy~URWNSk2UUTMQdFohOvzdL-a2Eq6RkbJYcJ4YcsPQ__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ
Requested by
Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-c1e8ae630fae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-93.ams50.r.cloudfront.net
Software
am/2 /
Resource Hash
162d35904e34b72b5b900f50aac75b5a52ed6a57e8d9af9a4e66ecf9e7d2d949
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w.soundcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
content-encoding
gzip
via
1.1 631cbe67f42dc4b925732ef1044517ca.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000
x-amz-cf-pop
AMS50-C1
x-cache
Miss from cloudfront
content-length
1231
x-sc-cache
Hit
server
am/2
etag
1ce1e6c62658589c9f7805706141fa71e4270c01
allow
GET, OPTIONS
access-control-allow-methods
GET, OPTIONS
content-type
audio/mpegurl
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type, Origin, X-SC-Auth
x-amz-cf-id
WUEUPiqWuopqKnl6A8MoVoKA4uP9u-h_5yzlsF1sLvRgf7SxF9AN7g==
comments
api-widget.soundcloud.com/tracks/1428807427/ Frame BC9F 		51 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-widget.soundcloud.com/tracks/1428807427/comments?filter_replies=1&threaded=0&limit=100&offset=0&linked_partitioning=1&format=json&client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR&app_version=1673613681
Requested by
Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-c1e8ae630fae.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.14.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-14-48.vie50.r.cloudfront.net
Software
am/2 /
Resource Hash
ae1663cbcdbdca7f194a1bb69d2176228b1562f3a88a7be212c3c3a474e0cafd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://w.soundcloud.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 11:36:16 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
Via
1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
VIE50-P1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
73
x-px-score
0
referrer-policy
no-referrer
Server
am/2
x-frame-options
DENY
access-control-max-age
1728000
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://w.soundcloud.com
access-control-allow-methods
DELETE, GET, PATCH, POST, PUT
access-control-expose-headers
Date
Cache-Control
private, max-age=0
access-control-allow-credentials
true
Vary
Origin
x-robots-tag
noindex
access-control-allow-headers
Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id
HsmqGklaHKV5Ne3KeK7JCPtjtkrKgAJ7hHU8kpF_V4cn6iq6dEFvuA==
increment
id5-sync.com/api/esp/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.myjoyonline.com
date
Mon, 23 Jan 2023 11:36:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
adview
securepubads.g.doubleclick.net/pagead/ Frame 626A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwRKbL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBJ4CT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7L4MBDuk6bljamGgGRrUmnbnRe0JA6LY-02P4vgL7rrYhgBLSvy5OAEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zNDk0NTIwNDY4Nzg4NTg5GIanJQ&sigh=1_YpAZOPbfM&uach_m=[UACH]&cid=CAQSSwDq26N9o7Cj9FyCypgE_t3NgtJdj3CBcJdd95fNi6ubOdfx2ZAvD-0nnlfvcirjJE0r9QXz1ltrRVS-wYP-p6GUXoQjYiY1e7rUHRgBIBM
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 626A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5ClCYS9E8QEkAOdg2ICAgAAABCTb-q7CO-2_t-13JGyMWAQLnHOYyPRqSGbpvR6l0wFABIAAA&wp=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
186331
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5406 		147 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fea8098ef6414bd55168c6366e9c3f12bd7e3e62f0484c00629ff91140882fb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:15 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=L69BWQXusI_8grF4HNABg66fxOyOPa9Aw1mdxsta-AMr0zQ6wZ-HW03jBwrxYbd-twizEeW5ZH75lSPjSwaWOJsxtAOJixVMnMSAvCLLNWbmwH7E2QOsguYjA2ryVrd2XUMHNR8DoUDQjlj39UNo9zLsSpTCG0v7YdKcss-Wt4UxTcQc5SrKSB7Ouo2MlOnf-OK9QOQ2rNc_heCccI_-NVx-WZrCicCWzd7pCh66ZGfXl4DzVL_QCiL21L1JfPHEtezyLg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
85860553
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 626A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1009
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 626A 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 626A 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 08:20:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
270952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 08:20:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 626A 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:16 GMT
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.myjoyonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.myjoyonline.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 23 Jan 2023 11:36:16 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
891234d9b071f5dfc6e4d1e66ddfea16
encrypt
esp.rtbhouse.com/ 		285 B
379 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5f6b7bd800a4dea355d7119dec8eee8a8f2a3d2a95d1d0ad9e3cd6b269d7c6ca

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
f32c884c0ab9ee237bee03c0c9da88ec
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&rid=esp&cc=1
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
f4e3851c7d081b8fce608c800b52c9387e2412b96eda2a599d25badd7c212776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-H1RQIPdGOHlJB9ejYi4KgqrJ/+g"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 23 Jan 2023 11:36:16 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.myjoyonline.com
location
/esp?url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		60 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.217.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-217-189.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
702c7b4ba4ebf79c8e25e5d8ea1c6287e193caa175942c0f27ac2a98a68fd551

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-cache
x-server
10.45.13.132
access-control-allow-credentials
true
content-length
60
expires
0
events
bidder.criteo.com/csm/ 		0
221 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.myjoyonline.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
syncframe
gum.criteo.com/ Frame DC1B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.myjoyonline.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:15 GMT
server
Kestrel
server-processing-duration-in-ticks
815723
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
nqWNzLCXcvJG.128.mp3
cf-hls-media.sndcdn.com/media/159660/0/31762/ Frame BC9F 		31 KB
31 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cf-hls-media.sndcdn.com/media/159660/0/31762/nqWNzLCXcvJG.128.mp3?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLWhscy1tZWRpYS5zbmRjZG4uY29tL21lZGlhLzE1OTY2MC8qLyovbnFXTnpMQ1hjdkpHLjEyOC5tcDMiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE2NzQ0NzQyNjJ9fX1dfQ__&Signature=QTwndsM0-VGpI5eKJrsS1Tmj5owBcbwpUrpGde6G-wmksL4DlaUtATmSb4ffz8IRg45Jjdq9RsfynuZ68qS0QaBqs0CIpl6gPQLwcf8-Lcyw7LCMc-GJSGVJJMKZ890un~QI0WSnq-aX4~QSZPLSnRwBkcv8uiQDUDOuDerSIy~kR4lLl4eJByZH0O7N-XePWngG61-6MF103ZDRiJuRJ2MH02WbfIrRJZ6hQ79c071zBO~zLL3hWO65mNKxQHM44kMp5Tyf7LmVXAvVJiJh7bJPwPFcXJIeh1ChFwZjVvtdPjihXwq2nhYtDnD2aV~PmGoa5frlIO~d8G9Jf~cQhw__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ
Requested by
Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-c1e8ae630fae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-93.ams50.r.cloudfront.net
Software
am/2 /
Resource Hash
b604b5779057ccd5007d7d872e9c8b2a2344c98fb13922686133973e42e8778b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w.soundcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 18:54:59 GMT
strict-transport-security
max-age=63072000
via
1.1 631cbe67f42dc4b925732ef1044517ca.cloudfront.net (CloudFront)
server
am/2
x-amz-cf-pop
AMS50-C1
age
60077
allow
GET, OPTIONS
access-control-allow-methods
GET, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type, Origin, X-SC-Auth
content-length
31763
x-amz-cf-id
58ITUPRBbjo_5y78GmuRlzmBEsqUIaToO_MBQXi2DNB51JUuFpONfA==
nqWNzLCXcvJG.128.mp3
cf-hls-media.sndcdn.com/media/159660/31763/79410/ Frame BC9F 		47 KB
47 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cf-hls-media.sndcdn.com/media/159660/31763/79410/nqWNzLCXcvJG.128.mp3?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLWhscy1tZWRpYS5zbmRjZG4uY29tL21lZGlhLzE1OTY2MC8qLyovbnFXTnpMQ1hjdkpHLjEyOC5tcDMiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE2NzQ0NzQyNjJ9fX1dfQ__&Signature=QTwndsM0-VGpI5eKJrsS1Tmj5owBcbwpUrpGde6G-wmksL4DlaUtATmSb4ffz8IRg45Jjdq9RsfynuZ68qS0QaBqs0CIpl6gPQLwcf8-Lcyw7LCMc-GJSGVJJMKZ890un~QI0WSnq-aX4~QSZPLSnRwBkcv8uiQDUDOuDerSIy~kR4lLl4eJByZH0O7N-XePWngG61-6MF103ZDRiJuRJ2MH02WbfIrRJZ6hQ79c071zBO~zLL3hWO65mNKxQHM44kMp5Tyf7LmVXAvVJiJh7bJPwPFcXJIeh1ChFwZjVvtdPjihXwq2nhYtDnD2aV~PmGoa5frlIO~d8G9Jf~cQhw__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ
Requested by
Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-c1e8ae630fae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-93.ams50.r.cloudfront.net
Software
am/2 /
Resource Hash
0352a8b11babe6354d371e00d9c273412d9606f150f710bd738866ae5fa3399b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w.soundcloud.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 18:55:02 GMT
strict-transport-security
max-age=63072000
via
1.1 631cbe67f42dc4b925732ef1044517ca.cloudfront.net (CloudFront)
server
am/2
x-amz-cf-pop
AMS50-C1
age
60073
allow
GET, OPTIONS
access-control-allow-methods
GET, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type, Origin, X-SC-Auth
content-length
47648
x-amz-cf-id
7TYElXqvoNlA_nAKHhpyJco6fEVts6w-IS1o4TbLhejL0RweCTmcow==
sid
mug.criteo.com/ Frame DC1B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=myjoyonline.com&sn=ChromeSyncframe&so=0&topUrl=www.myjoyonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=i6aIJHw1S08rMjUvbEpEUHJiYmI4THlaVzQxUkY1bnBmLzdSNGZmdUdVSzl1V25EOVNNR1FKd0VQZFRpU3pxY0g0b2luVnhTL1BZbk51SFExOEtxU3UyWFZCbjR2VnNLYTFJZHJ3d3YydkpjNytXN3dmUzJZZzFpT1A3Nj...
423 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=i6aIJHw1S08rMjUvbEpEUHJiYmI4THlaVzQxUkY1bnBmLzdSNGZmdUdVSzl1V25EOVNNR1FKd0VQZFRpU3pxY0g0b2luVnhTL1BZbk51SFExOEtxU3UyWFZCbjR2VnNLYTFJZHJ3d3YydkpjNytXN3dmUzJZZzFpT1A3NjZIeVY0Mmx1cUxTcVhaYzJqSjJnc01LaU1PbUtjV3o5eEhLd2twMG9qR01zL0tGUGJIbEhQeWcxZVQzRVlSYTh1eCtoVUgxUmlXclpDaXc3NG42MnBkK0RtS00rTC82KzZKSTdsL0NwQkZOem1nMjRkMUtVWnA4ZWJlQm45N3pnYmw3bEFMcWVzMk5GUFNwdE1RSEFpK0NSOCtnckFBdz09fA&cppv=2
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2d02f1e3c0ea583351f54ebddfac7a060ebc033d94fe688174d19e2c7e02f5ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2601001
expires
0

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=i6aIJHw1S08rMjUvbEpEUHJiYmI4THlaVzQxUkY1bnBmLzdSNGZmdUdVSzl1V25EOVNNR1FKd0VQZFRpU3pxY0g0b2luVnhTL1BZbk51SFExOEtxU3UyWFZCbjR2VnNLYTFJZHJ3d3YydkpjNytXN3dmUzJZZzFpT1A3NjZIeVY0Mmx1cUxTcVhaYzJqSjJnc01LaU1PbUtjV3o5eEhLd2twMG9qR01zL0tGUGJIbEhQeWcxZVQzRVlSYTh1eCtoVUgxUmlXclpDaXc3NG42MnBkK0RtS00rTC82KzZKSTdsL0NwQkZOem1nMjRkMUtVWnA4ZWJlQm45N3pnYmw3bEFMcWVzMk5GUFNwdE1RSEFpK0NSOCtnckFBdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
647826
content-length
0
expires
0
truncated
/ Frame 626A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fba938b48470da3a351326f572c6da242c9bf9a79829c1d429cb8c5dff68f919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5406 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 11:36:16 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5406 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 11:36:16 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5406 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 18 Jan 2024 11:36:16 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5406 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 18 Jan 2024 11:36:16 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5406 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=3q0Ks_ENCm225sH-lNPY28zVj5PZDSsKJE5SooyXx1ialCtubd7kPm4bn11yGQ-iJSOoE28sksnDH7EbqUzq-ckVGXOcJ_jCUeu7MoUoVV0GD5OxoFBnXQNRB0SmRYehUf84rVckdpDoDlM7SFmEMwop4oU8TjtO3L_RX3aBUox_0rGNXAilm5oMmb3h2UpOxwT5YZJZkM9m1qm7n0wTkzYOGvThKnhX0pFRmrbfWcp31E0_glaV6LamJohvrvkkougNL-bZ51G7tI5b7vDX9h-WHf-fHCt-waQDz11k3JKzLLgLy_bxb4rSVCxFRHK182aFa7Fg1bWw1KMZSZdar1oOIEFridwGzA3vHttU9ZlPgqDaL6meYLxN_S6ZN3ohj0xFtMouOkbBUH4npMFpURi4bB6-lH1KLUGLhG7BXebiVVE9WsImypcM4rhrbKz4CtyfVQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4295229
expires
Mon, 26 Jul 1997 05:00:00 GMT
ai.aspx
m.exactag.com/ Frame 5406 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=15&extPu=72360-criteo&extLi=152208&rnd=63ce712f427da4f1f03c38b2e5d6134a&criteoid=&consent_string=&iab=1&url=
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 23 Jan 2023 11:36:15 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mo, 23 Jan 2023 11:36:16 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://ads.eu.criteo.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1696
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 5406 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 11:36:16 GMT
opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 5406 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 11:36:16 GMT
animejs.js
static.criteo.net/animejs/ Frame 5406 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 11:36:16 GMT
img
pix.eu.criteo.net/img/ Frame 5406 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC24_6696_FA.jpg&v=3&w=800&s=IcXBooS6AWYQeL0j5IM1KN1d&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
5c0eb4511d6f5b763b5f31869d398c39865d81800cdd14dc574c53e7c3c22637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18474
expires
Mon, 23 Jan 2023 11:36:16 GMT
img
pix.eu.criteo.net/img/ Frame 5406 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC24_6038_FA.jpg&v=3&w=800&s=pdaQQ6LH19WpkN6YEtrIaYWc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
f5961a3178201a6de5f9b6eb4767ccf3efbd406e39a47285a33ee066a508d81d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=167357
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10196
expires
Wed, 25 Jan 2023 10:05:34 GMT
img
pix.eu.criteo.net/img/ Frame 5406 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC24_4481_FA.jpg&v=3&w=800&s=VzAd7lV80sPP48x8dSkkdqMC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d3c892e01af29ac871d6435b47601960d2692dfb570dcef54ba0c1f3747173f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=252865
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19442
expires
Thu, 26 Jan 2023 09:50:41 GMT
all
csm.eu.criteo.net/ Frame 5406 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=L69BWQXusI_8grF4HNABg66fxOyOPa9Aw1mdxsta-AMr0zQ6wZ-HW03jBwrxYbd-twizEeW5ZH75lSPjSwaWOJsxtAOJixVMnMSAvCLLNWbmwH7E2QOsguYjA2ryVrd2XUMHNR8DoUDQjlj39UNo9zLsSpTCG0v7YdKcss-Wt4UxTcQc5SrKSB7Ouo2MlOnf-OK9QOQ2rNc_heCccI_-NVx-WZrCicCWzd7pCh66ZGfXl4DzVL_QCiL21L1JfPHEtezyLg&sds=2&rev=84230&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 23 Jan 2023 11:36:15 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5406 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 11:36:16 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5406 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y85xLwAF6B8K1cDVAAWESV38RGSqtJvz0hTmhw&u=%7C%2B1r8AbcyCU%2Fyrrp2EGfX3EzB7NiWIiQynRgh0K6LNt4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc5uWn_xvlGGaP1kpXQJHZYp1FrZqLzuHSzWkkvyaZkcwSbSVGTHLF90HikB_XExokQwtpVRF14-sJBO_BPv_WI4svRyDV8WZgRTPmVPNwsNEa8osjErTwFkNdHUO4jUiXb25aKJIm46C3a0hPYQ2L2-pAbGoJr2vZXdaW1iVAkNtpWE7MgQmRC5BREJIyCZycQEC81TJWeV3D7-XgcnTC4t-7CkQZ_kPuZ1Tfxj21s0-xJvNMU1ddpgS1IADpwfbmKo8Kc4ALltgzaphYmZd6Ywvuew3M69R-yx4wFj7gf-GfzvPbJzUV6bi4nNai-tnccMBvR0YCFjli2gcluJwgy0HZu7xkMVztslI31HcCrNDOjJdY8Fhvpuu9fDmLZjrdaeruN86Hq7mKz1NBaPQFwIlfNP9ISwrFwxnBIBAVChITEbyApbh5wZjbA51mAu0sPKxIs5tlZQ33cKs4fQ5YuSJRn03Jtsrqs35zy2nIgVa0_CdlmXA4_AeLw1nTmh0sdxPmdscivsTkc5X9WJ6yC0EXx8Cn4ZffraWml5FX9XZJN-O3f7_C2_Q7MErbX7I0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCc2ZL3HOY5_QF9WB1wbJiJaQBcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzQ5NDUyMDQ2ODc4ODU4OcgBCakCh0FETJ02sj7gAgCoAwGqBKECT9CDQEA2F6CiS03fcuNjWv-M13n9MeKbgihU4tsjy1NesE6rVgPV69LhybeRgDWTVBdLQ32oYKmvAgBK7un---YpnHJB2ElDKsf6MkewZwVQTe83XaBbg3_Wnc3kK6Skd7eOrmAn0dxftWu16g7j8fnfdGyJYpDHiLr5gwr91CIXg0_dogv9zpYSYZ5MR8XbUJ8UwMXYTRcTdJ6UbjMyyGEkEWbW3R8aoG-qYEDacq0k5nyROnid8KDtDLOrMhDGglWZkeZwZzDnywlJ8_uP4ffyPiZ7ZqoqO9rCNmCAOF-YKlyoJotOh43G0HqDAFTXF8yd8dS0X7K6MjF8FCl5nhYalMe7b88jlAO-kgSle2-C97ZG3QX1TgCEh6_hW5GQE-AEAYAGoI2n_vjxze0NoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2DJr1FQmT2UqiRHB0qqYtJGipskw%26client%3Dca-pub-3494520468788589%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 11:36:16 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		61 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3316763044018593&correlator=5503292375851&eid=31070909%2C31071324&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&npa=1&iu_parts=213794966%3A1002554%2Cvuukle-widget%2Cmyjoyonline.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C272x391%7C272x360%7C300x250%7C300x50%7C312x260%7C320x50%7C320x250%7C320x320%7C320x100%7C327x272%7C335x250%7C336x280%7C360x360%7C360x250%7C364x303%7C364x373%7C366x305%7C366x375%7C366x359%7C372x250%7C374x250%7C375x375%7C384x320%7C387x359%7C400x300%7C400x250%7C412x412%7C414x414%7C468x60%7C480x300%7C600x410%7C600x400%7C600x300&ifi=2&adks=109319723&sfv=1-0-40&ris=1&rcs=1&prev_scp=adInView%3D0-24%2525%26impressionViewable%3D0%26refreshIteration%3D0&eri=5&cust_params=amznbid%3D0%26amznp%3D0%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26words%3Dmonies%252Cpaid%252Cby%252Ccocobod%252Cto%252Cinvestors%252Cwho%252Cpurchased%252Ccocoa%252Cbills%252Cwithdrawn%26commit%3Ddeb96a281ec490c4c1393b617ae56cb66fa48b5a%26unblockia%3D0%26source%3Ddirect_internal%26CMP_accepted%3D0%26geo%3DDE%26device%3DDesktop%26order%3D7%26api_key%3D255be353-1ccf-4eea-af0c-86d618375550&sc=1&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&abxe=1&dt=1674473776294&dlt=1674473773606&idt=1305&adxs=333&adys=3580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&frm=20&vis=1&psz=680x400&msz=680x400&fws=4&ohw=680&ga_vid=1501366706.1674473774&ga_sid=1674473775&ga_hid=2059873228&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhsWo890wSABSAghkEhkKCnB1YmNpZC5vcmcY88ao890wSABSAghqEoICCghydGJob3VzZRLsAURRMWU5WUg1ams5a1FjcG1mUjFvYTlNNkRTQTF4RUVja0hCT2F6Zlc4eTAvRkkwK2FLRlhYSXdvMEZrWEpyaUhvay83R2dYRStzbDAyaUZXb2F5TFBJQlplUVdob0x1SXlZMHgxcXM0MEVSN3dKa0trZDJFZXE5czNESlk5R1V0RzZJaGNTVmRHOE9YeEg4aVJOY2w3Z2l1bVYyVHlBY3AwczZkblRoNzNnQlRUU0M3aDQ1aXRuNCtSSVlLYnkwQVpOcG5aVUw2eFU1dllFanNGR2VNMElXZFhSVmwxcGVvN3FRUCs4aGRqakE9GIfIqPPdMEgAEh0KDmVzcC5jcml0ZW8uY29tGIbFqPPdMEgAUgIIZBIZCgp1aWRhcGkuY29tGIbFqPPdMEgAUgIIZBIUCgVvcGVueBiGxajz3TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKTHqPPdMEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1000f7966970f9c1c67fcce622ee8ab386101d08f4b195012186b7aeec85ed06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12942
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		115 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3316763044018593&correlator=5503292375851&eid=31070909%2C31071324&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&npa=1&iu_parts=22191989129%3A1002554%2CMGL%2Cmgl_atunwa_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&adks=41891436&sfv=1-0-40&eri=5&cust_params=amznbid%3D0%26amznp%3D0%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26words%3Dmonies%252Cpaid%252Cby%252Ccocobod%252Cto%252Cinvestors%252Cwho%252Cpurchased%252Ccocoa%252Cbills%252Cwithdrawn%26commit%3Ddeb96a281ec490c4c1393b617ae56cb66fa48b5a%26unblockia%3D0%26source%3Ddirect_internal%26CMP_accepted%3D0%26geo%3DDE%26device%3DDesktop%26order%3D7%26api_key%3D255be353-1ccf-4eea-af0c-86d618375550&sc=1&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&abxe=1&dt=1674473776306&dlt=1674473773606&idt=1305&adxs=1005&adys=965&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&frm=20&vis=1&psz=355x1428&msz=325x0&fws=4&ohw=1600&ga_vid=1501366706.1674473774&ga_sid=1674473775&ga_hid=2059873228&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhsWo890wSABSAghkEhkKCnB1YmNpZC5vcmcY88ao890wSABSAghqEoICCghydGJob3VzZRLsAURRMWU5WUg1ams5a1FjcG1mUjFvYTlNNkRTQTF4RUVja0hCT2F6Zlc4eTAvRkkwK2FLRlhYSXdvMEZrWEpyaUhvay83R2dYRStzbDAyaUZXb2F5TFBJQlplUVdob0x1SXlZMHgxcXM0MEVSN3dKa0trZDJFZXE5czNESlk5R1V0RzZJaGNTVmRHOE9YeEg4aVJOY2w3Z2l1bVYyVHlBY3AwczZkblRoNzNnQlRUU0M3aDQ1aXRuNCtSSVlLYnkwQVpOcG5aVUw2eFU1dllFanNGR2VNMElXZFhSVmwxcGVvN3FRUCs4aGRqakE9GIfIqPPdMEgAEh0KDmVzcC5jcml0ZW8uY29tGIbFqPPdMEgAUgIIZBIZCgp1aWRhcGkuY29tGIbFqPPdMEgAUgIIZBIUCgVvcGVueBiGxajz3TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKTHqPPdMEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86fd506ffb52ebe0c517741410cb674fa74cd8b29ad175b591b4d020908b64a4
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CILagPXM3fwCFdYMBgAdnFAMgQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/10271607261087679227/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CILagPXM3fwCFdYMBgAdnFAMgQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/10271607261087679227/index.html
date
Mon, 23 Jan 2023 11:36:16 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42743
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		797 KB
114 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3316763044018593&correlator=5503292375851&eid=31070909%2C31071324&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&npa=1&iu_parts=1002554%2CMyjoyonline%2Cmjo-article-leaderboard_top%2Cmjo-article-right_rectangle_top%2Cmjo-article-right_rectangle_top1%2Cmjo-article-right_rectangle_top2%2Cmjo-article-left_rectangle_mid%2Cmjo-article-right_rectangle_mid%2Cmjo-article-right_rectangle_mid1%2Cmjo-article-right_rectangle_mid2%2Cmjo-article-fluid%2Cseedtag_myjoyonline_oop%2Cmjo-article-1x1%2Cmjo-article-left_rectangle_mid1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13%2C%2F0%2F1%2F13%2C%2F0%2F1%2F13&prev_iu_szs=970x250%7C970x90%2C300x250%2C300x600%2C300x250%2C300x250%2C300x600%2C300x250%2C300x600%2C320x50%7C300x250%7C336x280%7C1x1%2C1x1%2C1x1%2C300x250%2C300x250%2C300x250&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0&ifi=4&adks=217630568%2C841315098%2C3967851544%2C2457191795%2C1507287477%2C3023427354%2C4171557308%2C885957586%2C1691924742%2C3033927387%2C1491190864%2C3122488463%2C2284752827%2C2284752826&sfv=1-0-40&ists=16&prev_scp=fold%3Datf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Datf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Datf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Datf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Datf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Dbtf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Dbtf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Dbtf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Dbtf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Cpage%3Darticle%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpage%3Darticle%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpage%3Darticle%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2&eri=5&cust_params=amznbid%3D0%26amznp%3D0%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%252F%26words%3Dmonies%252Cpaid%252Cby%252Ccocobod%252Cto%252Cinvestors%252Cwho%252Cpurchased%252Ccocoa%252Cbills%252Cwithdrawn%26commit%3Ddeb96a281ec490c4c1393b617ae56cb66fa48b5a%26unblockia%3D0%26source%3Ddirect_internal%26CMP_accepted%3D0%26geo%3DDE%26device%3DDesktop%26order%3D7%26api_key%3D255be353-1ccf-4eea-af0c-86d618375550&sc=1&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&abxe=1&dt=1674473776322&dlt=1674473773606&idt=1305&adxs=315%2C1005%2C1005%2C1005%2C283%2C1005%2C1005%2C1005%2C473%2C0%2C298%2C473%2C473%2C473&adys=80%2C691%2C989%2C2120%2C1197%2C2385%2C3907%2C4172%2C4356%2C5943%2C4356%2C1569%2C2494%2C3091&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C3%7C0%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12&ucis=3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&frm=20&vis=1&psz=1600x250%7C355x1428%7C355x1428%7C325x250%7C680x2310%7C325x250%7C325x250%7C325x250%7C680x1%7C1600x5943%7C680x1%7C680x2310%7C680x2310%7C680x2310&msz=1600x250%7C325x250%7C325x250%7C325x250%7C300x0%7C325x250%7C325x250%7C325x250%7C650x0%7C1600x0%7C650x0%7C680x250%7C680x250%7C680x250&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C680%2C1600%2C680%2C680%2C680%2C680&ga_vid=1501366706.1674473774&ga_sid=1674473775&ga_hid=2059873228&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhsWo890wSABSAghkEhkKCnB1YmNpZC5vcmcY88ao890wSABSAghqEoICCghydGJob3VzZRLsAURRMWU5WUg1ams5a1FjcG1mUjFvYTlNNkRTQTF4RUVja0hCT2F6Zlc4eTAvRkkwK2FLRlhYSXdvMEZrWEpyaUhvay83R2dYRStzbDAyaUZXb2F5TFBJQlplUVdob0x1SXlZMHgxcXM0MEVSN3dKa0trZDJFZXE5czNESlk5R1V0RzZJaGNTVmRHOE9YeEg4aVJOY2w3Z2l1bVYyVHlBY3AwczZkblRoNzNnQlRUU0M3aDQ1aXRuNCtSSVlLYnkwQVpOcG5aVUw2eFU1dllFanNGR2VNMElXZFhSVmwxcGVvN3FRUCs4aGRqakE9GIfIqPPdMEgAEh0KDmVzcC5jcml0ZW8uY29tGIbFqPPdMEgAUgIIZBIZCgp1aWRhcGkuY29tGIbFqPPdMEgAUgIIZBIUCgVvcGVueBiGxajz3TBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKTHqPPdMEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5941756843e528a29a7222fc10529ff3b2f406f2234cff25a28a2477de5b9137
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMi0hfXM3fwCFfAGBgAdVXgJuw&gqi=&layout=/sadbundle/%24csp%253Der3%24/15491136727519701655/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM20hfXM3fwCFfAGBgAdVXgJuw&gqi=&layout=/sadbundle/%24csp%253Der3%24/15491136727519701655/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMq0hfXM3fwCFfAGBgAdVXgJuw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11699188833985797144/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMm0hfXM3fwCFfAGBgAdVXgJuw&gqi=&layout=/sadbundle/%24csp%253Der3%24/15813443360502220291/draft-4-1/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMu0hfXM3fwCFfAGBgAdVXgJuw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11082872204613916311/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMi0hfXM3fwCFfAGBgAdVXgJuw&gqi=&layout=/sadbundle/%24csp%253Der3%24/15491136727519701655/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM20hfXM3fwCFfAGBgAdVXgJuw&gqi=&layout=/sadbundle/%24csp%253Der3%24/15491136727519701655/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMq0hfXM3fwCFfAGBgAdVXgJuw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11699188833985797144/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMm0hfXM3fwCFfAGBgAdVXgJuw&gqi=&layout=/sadbundle/%24csp%253Der3%24/15813443360502220291/draft-4-1/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMu0hfXM3fwCFfAGBgAdVXgJuw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11082872204613916311/index.html
date
Mon, 23 Jan 2023 11:36:17 GMT
x-content-type-options
nosniff
content-encoding
br
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116484
x-xss-protection
0
google-lineitem-id
6175175416,6175175416,-1,-1,-1,-1,4698493357,-1,-1,-2,-2,5408961803,5408961803,5408961803
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138416545192,138415682436,-1,-1,-1,-1,138358652166,-1,-1,-2,-2,138358861506,138315463107,138346473324
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 0541 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 23 Jan 2023 11:36:16 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.315448456781699
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-lz3EWiSWNA_6AGxEUNfzvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-lz3EWiSWNA_6AGxEUNfzvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorServingDetectionHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type
image/gif
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.0742000049207014
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-hYQBvldeAnpdsYrNxG1vfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-hYQBvldeAnpdsYrNxG1vfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWhivIzQ2Lm4202MT_lv4T4ghKWD9JwI5Q5njnvt_ODVD-XyVoEtOy3SjQUIgUI9GTLmlV5DzIzJ0Oo1wf1t_BmFVRtbBqRpkpGejAKIr0O4-hryBCsoqb2s0FEP1_JuyJH6tZtAg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWhivIzQ2Lm4202MT_lv4T4ghKWD9JwI5Q5njnvt_ODVD-XyVoEtOy3SjQUIgUI9GTLmlV5DzIzJ0Oo1wf1t_BmFVRtbBqRpkpGejAKIr0O4-hryBCsoqb2s0FEP1_JuyJH6tZtAg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nbO6xUp2ZYv5Xw46ftG04g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-nbO6xUp2ZYv5Xw46ftG04g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 5406 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 11:36:16 GMT
opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 5406 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-3ff4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 11:36:16 GMT
container.html
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A676 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:15 GMT
expires
Tue, 23 Jan 2024 11:36:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/ Frame D2A3 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb124e502b5c41e197d70daf1372272b4f6c7ebe8ce427f6921db3345b0eaeae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
455045
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1667
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:12:11 GMT
expires
Thu, 18 Jan 2024 05:12:11 GMT
last-modified
Mon, 19 Dec 2022 14:46:17 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
B29090062.355225907;dc_pre=CObdpfXM3fwCFTWC_QcdR30MNQ;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=2266023277;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame A676
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=2266023277;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CObdpfXM3fwCFTWC_QcdR30MNQ;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=2266023277;dc_lat=;dc_rdid=;ta...
42 B
118 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CObdpfXM3fwCFTWC_QcdR30MNQ;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=2266023277;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:16 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CObdpfXM3fwCFTWC_QcdR30MNQ;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=2266023277;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A676 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cq6d9MHHOY4KCFtaZmLAPnKGxiAj6zKzObu39y97fENvZHhABIL2Lt39gleKQgqAHoAHF6pm5AsgBCakCh0FETJ02sj7gAgCoAwHIA0iqBMsCT9CNNsKY0f0giF4wjE1kvBbr037Z1SP-B-QtspmgM6foLjQjW2hSuAP_K-oYi__Wk0CsK4vOZ1ihMn7I3lr1ZZZMPYXG42ic2YaM0BTPwp2OU0IX9ZkYjlqBRPTHWoypr4UJASPed7TtTxRy7AY318jWJFMyCUa7AVYGxd4Jb_CodJGSqjXeDx-75GPz2ikpPruroGtcHLRQO0sNOWoYMWGBM-jhGdr-GT0uT2CbLmuNN_BZsgXe4tl7loYnHsK8q7Pt27neDwc_nzSPABKYtTp8Sy5zOFFOS0tkFPzJHmtWgM9ZrADN3LIrqbZSxZMD1QEkWwSgE_cfWjjc8B322LQgux7_3no-cpkt4GJQowvaLU0ySgEuUm7qwSOkG7TTNAnQ9Y_OkjnR1BkWHCATc-oJXuf0K3BCfPbhFEmNlPnXRe10qxmmbHmGSsAE3avPyZoE4AQBoAYugAejlebGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIWxF9IIEQiA4YBwEAEYHTIC6wI6AoBAgAoDyAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTE1MjA5NjAzMDU4MTQwNTQY7uZ3&sigh=DJhiRtBzoO4&uach_m=[UACH]&cid=CAQSOwDq26N9u0ULnxzxPRJ_KmXOalWe108zLr7pDAwrIhyP9LHkT0BQEC6XHU1YoAKn5mQxtIZZMIvwjYW6GAEgEw&template_id=419
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame A676 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 626A 		0
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012301041800000/ Frame 3B6B 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
494943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61740
x-xss-protection
0
server
sffe
etag
"8e9029bac2b10828"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 3B6B 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
494943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5230
x-xss-protection
0
server
sffe
etag
"98e8559bf0300638"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 3B6B 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 18 Jan 2023 13:59:01 GMT
age
423435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28829
x-xss-protection
0
server
sffe
etag
"80143a542ab189b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 18 Jan 2024 13:59:01 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 3B6B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Jan 2023 10:54:14 GMT
age
348122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"c26873ae23a2dfcc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 Jan 2024 10:54:14 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 3B6B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
494943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
server
sffe
etag
"a53f7d5e2894160e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
css
fonts.googleapis.com/ Frame 3B6B 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 09:49:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Jan 2023 11:36:16 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3B6B 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 05:07:54 GMT
x-content-type-options
nosniff
server
cafe
age
23302
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 24 Jan 2023 05:07:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3B6B 		295 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:50:10 GMT
x-content-type-options
nosniff
server
cafe
age
6366
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 24 Jan 2023 09:50:10 GMT
l
www.google.com/ads/measurement/ Frame 3B6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLofsBUKi0pPRuzBBhcLkytqv6mjUIg8680RD26BxLzZFlz5MtSWrbQlLQTDhXauB4-wOF
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 3B6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cz37QMHHOY4-wFZaomLAP3fis6AObpY6lbo-57YXJENvZHhABIO7-ikpgleKQgqAHoAH75N-YA8gBCakCh0FETJ02sj7gAgCoAwHIAwqqBJoCT9A6113wIJ7mOOprWWEpuR4VQ2Va9yk-al7nBeZuaBsNln6D40UK14UwPDsN6uUWX9Evua1g54kWQYEtY3W4lOxlo2RLI8sWfovRMPFLgKyUahySG_sulMawQ3ROOH4tnNCV-q5EInMxDQOaFKCqLRtSsgyvQZBUcKTgFQ8fUOt6-vZBt48e3Dqg61Gz2xPO7xgMgjFhph8a82jJPlcDOCy06zDnyrBxu87Jz_IOidMNnSaAbKLBuA2i0fhMknpIHTn9Gukmy6L69zOqkazzXn275E5B8ZasFWs_W_uZvoN_OgApbCUPYj89l0hgzKLW4e5jflGkaHXT2PAjcuem5am2ZOgHA_YRzSe4odGOGEvD0nwMws_yDyjkwAS7scW3zgPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7ZqgZ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIeeBtIIEQiA4YBwEAEYHTIC6wI6AoBA8ggbYWR4LXN1YnN5bi05NzEzNDQwODU2OTc5Mzg5gAoDyAsB2BMMiBQC0BUBmBYBgBcBshceChwIABIUcHViLTM0OTQ1MjA0Njg3ODg1ODkYhqcl&sigh=k9SJFEiIdHs&uach_m=[UACH]&cid=CAQSOwDq26N90-c1vpiVL85yHmd8sdGuZLiYqLzTzUMYrGb1sEKp6DOUSyrkyv7jReBbWQ0loVlyS2uA7VxgGAEgEw&template_id=5000
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/8315932788975875912/ Frame 3B6B 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8315932788975875912/14763004658117789537?w=600&h=314
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a26af5cc1bafec3821428137004d4fedc4ce3a04aeb320eeeb4fc62cdd56150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 10:07:39 GMT
x-content-type-options
nosniff
age
264517
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42559
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 03:22:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 10:07:39 GMT
truncated
/ Frame 3B6B 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3B6B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3B6B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30a75d4a33c84b4b111e38de784ab2174f0744ea4ffadb57cfb779d102cd2f52

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D2A3 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 18:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
59879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 18:58:17 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D2A3 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
6918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 09:40:58 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D2A3 		113 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 11:36:17 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/ Frame D2A3 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8893201d22f593c535d23bc413757040c3c12bc17e54ac4aa8a8a386c9ef8f29
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Jan 2023 21:36:23 GMT
age
482393
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2615
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 14:46:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 17 Jan 2024 21:36:23 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 578B 		143 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2678
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 10:51:38 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame A676 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1009
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame A676 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3B6B 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:35:41 GMT
x-content-type-options
nosniff
age
309635
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 21:35:41 GMT
l
www.google.com/ads/measurement/ Frame A676 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXl_SOsKyNH2SWK0YJf1xgMn_ZaM9POJcLZbKjil-3ZCU2ylXkaZMdK7SgmrPMq2k6YnHK
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A676 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:16 GMT
truncated
/ Frame A676 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd24bfe5129d1c9a47b7fb73b9b60bbda68b3d6ee394fef9eb13e17521528298

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 578B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:17 GMT
expires
Mon, 23 Jan 2023 11:36:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:17 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
468x60-
fundingchoicesmessages.google.com/f/AGSKWxXFwRuHRhenVCcqGX5BqQY988gAGpeaPhJ9ZXQOXLLQU2XQoWtTeqkcmMwvAXWye-fvhTpIDYOXxDpUCFCiF19rjUsOfB_2fpmuzPFLZFkkluKR53lkNV1ZbJE-dSZRBaUyRPuVLYZeay3c9oL6TqfLxgg3p... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXFwRuHRhenVCcqGX5BqQY988gAGpeaPhJ9ZXQOXLLQU2XQoWtTeqkcmMwvAXWye-fvhTpIDYOXxDpUCFCiF19rjUsOfB_2fpmuzPFLZFkkluKR53lkNV1ZbJE-dSZRBaUyRPuVLYZeay3c9oL6TqfLxgg3p8Wm1hmRrdbMOYzlTCn91l_00VBY0uZy/_/pubfig.min.js/adsensegb._480x60-/boxad2./468x60-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b8c6218040c027d2762ed6e7eab042ed294e60a1e9d706c15eda72be4f8045d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-88Kf-okFEX-_NXpY_cCUYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-88Kf-okFEX-_NXpY_cCUYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
016c6450ddb7c1e8e337ad0190d95079ae90fd5a2907e06c72906a431e202ce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
1015
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12629
x-xss-protection
0
server
cafe
etag
9062828921656238526
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 12:19:22 GMT
AGSKWxWhivIzQ2Lm4202MT_lv4T4ghKWD9JwI5Q5njnvt_ODVD-XyVoEtOy3SjQUIgUI9GTLmlV5DzIzJ0Oo1wf1t_BmFVRtbBqRpkpGejAKIr0O4-hryBCsoqb2s0FEP1_JuyJH6tZtAg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWhivIzQ2Lm4202MT_lv4T4ghKWD9JwI5Q5njnvt_ODVD-XyVoEtOy3SjQUIgUI9GTLmlV5DzIzJ0Oo1wf1t_BmFVRtbBqRpkpGejAKIr0O4-hryBCsoqb2s0FEP1_JuyJH6tZtAg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5S7rziNzkRZ2AOQi2GAHqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5S7rziNzkRZ2AOQi2GAHqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.myjoyonline.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
commerzbank_affluent_mut_300x250_v3_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/ Frame D2A3 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/commerzbank_affluent_mut_300x250_v3_js.png
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d17a78f4d9779ae7353e2f0eb56d6d3b57eaf1bc2d3e4beb482ae693b00b37b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 22 Jan 2023 23:00:08 GMT
x-content-type-options
nosniff
age
45369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62324
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 14:46:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Jan 2024 23:00:08 GMT
AGSKWxWhivIzQ2Lm4202MT_lv4T4ghKWD9JwI5Q5njnvt_ODVD-XyVoEtOy3SjQUIgUI9GTLmlV5DzIzJ0Oo1wf1t_BmFVRtbBqRpkpGejAKIr0O4-hryBCsoqb2s0FEP1_JuyJH6tZtAg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWhivIzQ2Lm4202MT_lv4T4ghKWD9JwI5Q5njnvt_ODVD-XyVoEtOy3SjQUIgUI9GTLmlV5DzIzJ0Oo1wf1t_BmFVRtbBqRpkpGejAKIr0O4-hryBCsoqb2s0FEP1_JuyJH6tZtAg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lZl7MTU0-E70ux9YE5pjfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lZl7MTU0-E70ux9YE5pjfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.myjoyonline.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6959 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmw-maChbmzNJZ_rKKXn7JlMOJmiaybz_nJeuK94IOWk-qhLUZJfM6mM_TeccSFr_EmHOWG9uVEaptAiSU3KoE7HIe8qd_Hvefaw97WFJTE_uHkaASnfqi0wzPjya2OljfhTNpIzrvJD6jZcNnZ--vQJ5X-PyTSKvUNRLr-ExBkavfBl_vJt-cPknqejfkQ3GZXOUmyiL-Rk0S1VqZT2lgnKZ6VZRukf74BnqBcQQFRofZH-Oj447Crc96T-pWPhkizBRXo_LVTFG19SPo_4exxaA38ygV-81zSj4jljTMcGFfxSJSCxm4jXbEZlwyjV0lUup5Q1C6WznqpfxArt-87GA7XoyXPcIs0w0F51s&sai=AMfl-YRBtqky5-G_DVJjq3j_mhMPuvkXj8J9PkI0qtX0Eyz0cl5PDiGhI3-HfRmItvDMUJ-dcreRTIs3jJn2q84k33Y5fqPzU8PFHGO7msirjzsjLTaQZ49nmI5nR-MX317J&sig=Cg0ArKJSzELf6A8sd5QeEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 6959 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 6959 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1010
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
l
www.google.com/ads/measurement/ Frame 6959 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTohykibyfhYmnqzOVZOQh9cWlJK4wg9gPsL59OBQUbYwuY0rVLIdzjQk-eNzNWldvTDK5U
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6959 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:17 GMT
7766120503777531736
tpc.googlesyndication.com/simgad/ Frame 6959 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7766120503777531736
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8dabbe9a72646731da94581f6de8704d4a020deb7a456aa868583d2020385c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 18:38:34 GMT
x-content-type-options
nosniff
age
579463
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90110
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 13:44:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 16 Jan 2024 18:38:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2B68 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssA-jM8GdePjx1I2WS2yxymdpFYuXPqBIK9DKA9b7_xkGgEbxlI1q2CVfEa5AmlvsziBgEi0wN2XRwR85PSg6aH_YUHEnmnQB4lObIUdbNtTgAIEWIWXPScq27XWankE310-s_mRAnZVGzqmNxyq_IoWfXuKo7QoFUv7pA2D-qfCcw_nyEZrP5HhL3yePKIScmrsSR3AQzWy_yrNb5Htj2qqrjrKIsvmEjqaRwo2lVBuL1tLVFIA3hFctl1mkDrROkyYTCwpQ4STgWTnQrNKw9qyI0RHcROUstvv2GyFQQPJxHs92zf7lnm1ElD-uhjxpnFdNuTreA7ZNP7mYYTgsUhk2t-o-I2W8G9apCfm1M0EmD0&sai=AMfl-YS07M0D_ryqRfzxZYFyFRfrbf_vAqV85Tdwopg5zmlnSTeozriM-6uTJEkXYd3gUi-am4edUns36fOFszg62O7hq355myyNiu1WGvrGGpAv2Ls8OiaDBJf8eoAOZbZp&sig=Cg0ArKJSzDj2jDHeOkPrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2B68 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d66521dfd4a8eea681f0b8be5ec675ed120466214c9507ffb2d48531d6796c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49852
x-xss-protection
0
server
cafe
etag
14960832628788501314
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 11:36:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2B68 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 95CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7SOocv_gAG-s0rca3xEothVu7LTzyPNaa3nOP63DzWeartQRHSSTYDE2fm_24d6-SrclnmCWLR-M6ackFcdt4vUutsLp9T4CedkgUBZMTfF1-Qa-85XNHRWZz1WMn1ioqTGWfLGqm6HFh4ZKho1AeVdgbF6h22z-H4UR0FTLQIk92NtAGNYVLutmClp_lLD2vUlam2cPtRzTmBP-ikNvwbq4OydcvjucWT5HQVejK4tLSxiXq-0ltF86pr4Sa7ulBiXFrt0PbE7XhUAATq7iuDUoAJEUDIt7GStG0vOJxq_P4F6syxAt3d-1IBEG_O3_lcxCVkCHkwopNB--naAI0mi6mn3VjMY7myLRuSivCSwhD&sai=AMfl-YTGfiM5c7saLxLw9o2vIMwPE6_2bP08vVOWemf-v9CvSVyhlMEdP7Iy5bYTOINhFxV-A-0DFFrm8ui6ew0yJCO4SQLIPV6FEG_F7c16Q-fDtLKtbivUJLh4k5aFiKo3&sig=Cg0ArKJSzENchKEzf4T_EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 95CE 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 95CE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1010
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
l
www.google.com/ads/measurement/ Frame 95CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQy1lBw03KXkRLe6JFEQv2zGxgiv47lgPPidbGwVVbNcqifdw8AdCn6jZEFHXaClAqwG4HJ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 95CE 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:17 GMT
2863772282946991659
tpc.googlesyndication.com/simgad/ Frame 95CE 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2863772282946991659
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b759c4ab19d3efbd9690a76f96a8905734e104aaa98104f91c3fd3cfa0b154d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 16:51:12 GMT
x-content-type-options
nosniff
age
326705
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13276
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 09:53:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 19 Jan 2024 16:51:12 GMT
container.html
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F479 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:15 GMT
expires
Tue, 23 Jan 2024 11:36:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 29E8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:15 GMT
expires
Tue, 23 Jan 2024 11:36:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4410 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:15 GMT
expires
Tue, 23 Jan 2024 11:36:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8920 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:15 GMT
expires
Tue, 23 Jan 2024 11:36:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A551 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:15 GMT
expires
Tue, 23 Jan 2024 11:36:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012301041800000/ Frame 1F19 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
494944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61740
x-xss-protection
0
server
sffe
etag
"8e9029bac2b10828"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 1F19 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
494944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5230
x-xss-protection
0
server
sffe
etag
"98e8559bf0300638"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 1F19 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 18 Jan 2023 13:59:01 GMT
age
423436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28829
x-xss-protection
0
server
sffe
etag
"80143a542ab189b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 18 Jan 2024 13:59:01 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 1F19 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 19 Jan 2023 10:54:14 GMT
age
348123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"c26873ae23a2dfcc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 19 Jan 2024 10:54:14 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 1F19 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
494944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
server
sffe
etag
"a53f7d5e2894160e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
css
fonts.googleapis.com/ Frame 1F19 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 11:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 10:01:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Jan 2023 11:36:17 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1F19 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 05:07:54 GMT
x-content-type-options
nosniff
server
cafe
age
23303
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 24 Jan 2023 05:07:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1F19 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:50:10 GMT
x-content-type-options
nosniff
server
cafe
age
6367
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 24 Jan 2023 09:50:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1F19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRZZMMHHOY87cGvCNmLAP1fCl2AuF5ZG7bva-673rEODwsdKbKRABIIL1siFgleKQgqAHoAH5-cP-A8gBCakCh0FETJ02sj7gAgCoAwHIAwqqBL0CT9DX7YoCPKa8qLlCPelcIi7zpGkgDiBOxxb83lyitsEUIJ7UG3Ymk8zrmmP3NbZHCGPs9QLn5CvZeDeP_7owXWZaXXKJ5uYrJEn2xx8gnj6zmOiNEyQdiDa0Gt0zCQys5QredoDK3IzfHNZr6PvazkzWfO_KW3RfA9MQQwTkaaEFa5jYJmX0qTBEGhEqYkN8gv1mbm4oingc8JpuSNeHkAb_KVo_m_lm3UClJxWiNllct0ySsStcTNKU6iyGHRs1qHMRNlZPqMg44sUbrfYzfj3y15Xl4IkUjDCK9m6EJWsdyfd56ZFIyG_4t94SmI9IfEcWTgCrrZUiIoWf25YHPKrq6ffq_kAVpRvhvW8LcFoSPaBgRqtlmr-Lc71rWcGClvf1faxP6ZVqcwsj4OBdT_gAVUg2EnkQx_AXQBDABOWSw6abBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfvhbwBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQiJUG0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwG4E-QD2BMN0BUBmBYBgBcBshceChwIABIUcHViLTUyMzU3NTM0Mjc5NzY0NjAYitMF&sigh=khuZfuxSKAQ&uach_m=[UACH]&cid=CAQSOwDq26N9204WN_666g3j1d6eirC6xOAV3uMHu4dy_iDq2wraV_WKV1ht4Bd208a-9GmpAFEi2UlWxk-EGAEgEw&template_id=484
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 8F7E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk_eW--x-KHZ75RkQwIsFhJ1W3pxHEBFo-qafqfmxnnAut4R0XdJjDTuL-GHtWmJ8RmGe0aXUw2Dr3s9YrqAwL4Geo4XXttICZQ09KOu2tpMkGHTnwojFNjEhIyCutOKgIF0altgm35Mq9_RxDxZsOWYfDt9ok9exrTTBfLg0EGjCAZHXm8iTgn8cCAuLpadFf7IPaMp4eEm1ehHyW75uy_C5gtdAyHQ3-QAhf6CzNt0564aEmpo36r3xT4IpFMS68whVz1uNNrJOYNEHF2uHm7LMSJT0qyW2kmVECqzAGdebOwyJPOfZpKREhSyYTf_N8ML5A3vOJNYh7jrkuo82Sh4gFSkFNi_U50E9DtZ5dzta7&sai=AMfl-YQpVaOWZ7ZAWprcg6Ge3ooiiei7Doe1cid8HTXFXsu5Nd2KHVy8XBtgEJulmt_6bSsTCzt0HCG2d82EfUzRO7fITPB9oCzBiGJFHnFWDtSCjYscJ-qB9Ze_vN23v5SZ&sig=Cg0ArKJSzDwFvnygnLd3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 8F7E 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ae454ccb04e1208e158521cafe1379733770bd2e14c7e972ab46fa55282f3f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49851
x-xss-protection
0
server
cafe
etag
795308420496111029
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 11:36:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F7E 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:17 GMT
container.html
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F49 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:15 GMT
expires
Tue, 23 Jan 2024 11:36:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D0AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFCVGdWmpBbyx4jqBTGva2d0QBXE7QLqUmoPpK6BDzQNpTH4ay02PsoOuDRgKHrrSWMXtcIJ0czWo4gQPfjVJPv0KNJsLBdPn4dkkUnXT9t0RT-LCowBr-NYSWlSEZ1u4A2TtMV2pVPm7PJ_3H2r-zCUN_N7rCBRYVRQvPGp5srCMRKtvBJmFz5IvcnU18TdVPg56wRBp9Boyare9zBeVMcKDj8FOR8B3ki1vgqyUJZv7VsguP-61PP6nYQA7JVDQe5MimGFnJ2Oc9OPSDzE6mQ-2lt5euIMut3B8NVB_A1WxTBkki5C1Tq-Gya6RStYWrtkA9yv-4xAKhKMlTDVilfRRZFID8CHhoJ9qZn9xo-yAxSg&sai=AMfl-YS7UQCgsesClY9l2k5szoeAhdXwDYWV1XS3kru88mbLqAdo8K-hmXvvO0NwHfzaUrgJX_ioI2xYp_EizguoBloN6b_VTFMthDR4OMgn8annmTUuDN3vdp-4cGm-6kDT&sig=Cg0ArKJSzOqDa7E1vhGNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame D0AA 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a329dd223f386b9f40064d7cc46df26baf6921105439bf8e3a995745e15f763b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49851
x-xss-protection
0
server
cafe
etag
16232096282664451457
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 11:36:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D0AA 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:17 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/10648192445247625181/ Frame 1F19 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10648192445247625181/2076313506083323656
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336b0ab398ee7578f27446dd3140ff81aa3f91826ac35261fbacdbbc8e17b20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 23:06:17 GMT
x-content-type-options
nosniff
age
304200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23993
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 18:15:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 19 Jan 2024 23:06:17 GMT
truncated
/ Frame 1F19 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69afca92e3ef536873ac787779a518a28b99924a59335ab5ffafea36a7b61a98

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1F19 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34a9b11b2cdcaef45bc7c6834c7e48adf1e11207a4f4d8115df2072836c0423c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		38 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e27baa66e35f5d5adc061e7e1dde7ecc416a7ae08a15b8e0c6f36e7a2557e5a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame D2A3 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3062de421ab0dcb3f282bbbda8049e7aa250ef25eff9a9683e36c3108ee93d24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c93dc84049ced06257c79f0b114862380a1964936f843f7c962076b4e107d58c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcfd81c9426baeb3821d227a40cd765d3df097fbb0df64913f7bdd414bf4a3a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		992 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
650da9e6f05c29b40c5cf21e4ce0a863c81e6ea5234b23f4d9b93b51dc6cfc56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		852 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5ec9d53f8d82f9d59a8e9157c213b7b9cf49ef83d6e068e22f63238f195aa15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea19606333339c1f788ee53fde82a94ed6d164673abe2e5939fd3aa081ab53eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44b34578989a08119535b5c54623cab8c70a3ed38106e766784108ea3bd06949

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6959 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea5b3b1976c12b43f1e432cbe0259f6ceede85fdf6c859f3addf2f9be2559a0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 95CE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4d3be73592ea977806586f213211e9f21fcff7d5dad5043614ee519be37fb1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1F19 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 16:44:52 GMT
x-content-type-options
nosniff
age
586285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 16:44:52 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1F19 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 20:40:44 GMT
x-content-type-options
nosniff
age
226533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jan 2024 20:40:44 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame D2A3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
AGSKWxWhivIzQ2Lm4202MT_lv4T4ghKWD9JwI5Q5njnvt_ODVD-XyVoEtOy3SjQUIgUI9GTLmlV5DzIzJ0Oo1wf1t_BmFVRtbBqRpkpGejAKIr0O4-hryBCsoqb2s0FEP1_JuyJH6tZtAg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWhivIzQ2Lm4202MT_lv4T4ghKWD9JwI5Q5njnvt_ODVD-XyVoEtOy3SjQUIgUI9GTLmlV5DzIzJ0Oo1wf1t_BmFVRtbBqRpkpGejAKIr0O4-hryBCsoqb2s0FEP1_JuyJH6tZtAg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GyLH1MNQrhp10MkNcHCZkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-GyLH1MNQrhp10MkNcHCZkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWhivIzQ2Lm4202MT_lv4T4ghKWD9JwI5Q5njnvt_ODVD-XyVoEtOy3SjQUIgUI9GTLmlV5DzIzJ0Oo1wf1t_BmFVRtbBqRpkpGejAKIr0O4-hryBCsoqb2s0FEP1_JuyJH6tZtAg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWhivIzQ2Lm4202MT_lv4T4ghKWD9JwI5Q5njnvt_ODVD-XyVoEtOy3SjQUIgUI9GTLmlV5DzIzJ0Oo1wf1t_BmFVRtbBqRpkpGejAKIr0O4-hryBCsoqb2s0FEP1_JuyJH6tZtAg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-j7qcegKVkYrjcG-yyzMSjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-j7qcegKVkYrjcG-yyzMSjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.myjoyonline.com
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVQNc1lomxdSCTKux_7M70-XQ9xYhQl-AtECgoDq5EqmOcVs6LNBn6nG8VhUyYaMcMozIWoCv3XsEaGyDjYfmqVJYnsZMRCodlCCy470VLOWfgIxA0sM9HzZ5CXg8wJ0f6tNS68Fw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVQNc1lomxdSCTKux_7M70-XQ9xYhQl-AtECgoDq5EqmOcVs6LNBn6nG8VhUyYaMcMozIWoCv3XsEaGyDjYfmqVJYnsZMRCodlCCy470VLOWfgIxA0sM9HzZ5CXg8wJ0f6tNS68Fw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc0NDczNzc3LDQwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm15am95b25saW5lLmNvbS9tb25pZXMtcGFpZC1ieS1jb2NvYm9kLXRvLWludmVzdG9ycy13aG8tcHVyY2hhc2VkLWNvY29hLWJpbGxzLXdpdGhkcmF3bi8iLG51bGwsW1s4LCJWUVpwT05OS2E1cyJdLFs5LCJkZSJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf6fbf15b384dc4de9a63b90731bde9bbf6c4133b27c90368ac9f014123ddd8d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2ypHH8TejB8wpId284ZT7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2ypHH8TejB8wpId284ZT7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame D2A3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37b9a627674745ecd071e8ec6c13a61a868d34579812be5ccfb4ede29f863396

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b2a799b6550ce9540544ad8167eb69afca6b4478a996146262f63e077bc3d55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c35829b27cab8baa43d3fcab2264640c80df89151eee9391708049c39ddd368c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93cb5925a330630f84012b5d56afe97a04dfed609ccf3c73203ef570624ce821

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f18c40a3fd1a75d239b3598c66016b18faa6b559aafccc5aba1870fef6fb146

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0916f65ed64f655a33783c1340f634d26cd954009c0fbf5162784e68c529c33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87a26ed5fd2ef06513a60d162c6d4f0ddf062686222533f7321794343f0b5da0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2A3 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1fa693d2cd4a5db2635ceb147f1aa0b5d4d75691c093bd8848e1e4a7b8449e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 95CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUb4s60Zztay_6aCLpb-nsaXW6_dIXhbVBv_QRWvz21zps4w0fxQ7SnALJmOmBC354DdoQ1YO-NmDZ3sR_fdSMO0uJ85rAA3v1dHYhYVKluYt9J3Cg1ssf-k-M2P_03SkP_fP3tPCs6oBeLJG-CnCD2v4lTIUXB2Z7z8IQ0A7XNFumVMiv_4n5KBXQoCaTenJlLxXyOzMcRqQeYNMoX_q_1QIOYPHeWvVrRdoMS2pNCGoG16ECTHRdWHjMn7Vii9_83IGNN4RDAWkRJrY-adkvOP4OS2U7Ce4LJwIhUE5a_SEdJqPQJhCsT9uDfPHI0wcKJQIN1gQqkj_7xnuyMll84qAtzXjamOyJ34SLVsUiKmUTut4&sai=AMfl-YT3aSuZuPxHTe-ipx-ScaLZ5W7F9_uYAE8PAxz3hyvgHvSNA1U7X0DFhqJnvYXeBn3EjG_EqT2z_m7rYkY4L7xqKneR-TjKVWcUDWkG24_rhbhoODyawgxWsw1jZGg1&sig=Cg0ArKJSzHKBxIHtsqWzEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 11:36:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6959 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBGqfqIl320qJdPH0oaCxIafI5Uy9XSJWcuDOvu-B_mnAEvKpzxvcDS9pnzemPEEEB9R3Q2hAMtXBQsjGF9IHfH_hWRvv4wHj5zKGbx3VyX-KTmQb3By3za9pKpdduOjB-2jEwrQiK_u8YbQPSqhb7qDHVPfu0HOMtI9aPorVzAgqXLFVcUeV5c4Zweat6IK3InypkMlAzV9drZfAJgiXcCfjiaXFFkpBgum0nh9rKxzAgYVxHNAmZJyVyRQmbnpK--DrFAbAaACRunEtfz5v5HEquNd0ivqMLmZIFOIA7Rmz2hjH-pAZPym_95D-W68KurAOrkbCtOf31IyF6x2Rwqx3HHUi2viSwiG_MoI3QrA&sai=AMfl-YRTjJ3F-gnsLaaYqfpvAJRCcULAcOoq93Lo6pwZsR0tx2cbutT_TN7QE62nTkLqmuB20Mk0i-zfplH2veyY1W9rbhLWAl96eAiq6S_znXKYXG6th2KzsgiWSDtKnBmL&sig=Cg0ArKJSzBL63Kc7VEiCEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 11:36:17 GMT
truncated
/ Frame 2B68 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
389af64d78629d373fe78d04a5211cd124ccc8a85a5b7edb060de5d6630bc6df

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8F7E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3394fcc1aa6da5d93c2f52e131f4ee4193691d5797cafb35c7dbdabfab4cecde

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/ Frame 2B68 		358 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3d5052d92ada24a48667a3ae060bead82f286f3fec25c4a2bb558883fc5680b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120547
x-xss-protection
0
server
cafe
etag
12233610112347858836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 11:36:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/ Frame BBFA 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 21:10:52 GMT
etag
10353107486223812946
expires
Sun, 05 Feb 2023 21:10:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D0AA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09424cafb222cfc6d6eb2fb2a2dfca0a1600f96235d97ceff3a24effbf41c406

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/ Frame 8F7E 		358 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe1e61c7bf884642fc7ddaa06c70e37a6f1eaddfb86b775d832316bf568ce2b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120547
x-xss-protection
0
server
cafe
etag
13722922315964133151
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 11:36:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A676 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQy91FeHtVtRgoOvH0q6MqGLzJZzfiAjI8dA9nTJO0ln5EFCph5ygwagmMYFIU2vB9Y5eQTEnYmoTEHikXjWGkBt80YXWbR4oqsUAnxsBiPCHWWOQr5FFRNeB7EvB6KMV_Z6hhFt6UBPJxVej2fStHr0qi10m5To9Qrw5WJnymm98PLfYGtLsZn4i78ZhfH9_T74BlvHNWgYE3n0roLwzpj2ALFdUn9yhlmvfMDwc1Re-E_hMU8JS17vmsfKIkmlFVk8Q9gwY8ksdr7irB6_Mb4SjGnt5mmuQU4sB8tDV9SCnSkD47yld7cm9uyTok127610fDuyn_j1pmXp3kpNAuTzkwKpVtwbnAJjdjCtPMY6IZjBhK50CtpseleMSz0CRyS76IokCLVq-STlFqYSS2xjui1i60BLQ5bqz-rliCyxtRonN0U5IKWo3hlJjpMP4IWWnfGBnCCgoMMuyGJFEupDY5GkEEZWgFza0BBhInhpdmAbdVA97ryT04n5RTNRgontbcGcFptP3ivMMxNEIfB2i79HKA7U6ZWB3NVnwB2WgNtJSx_JbPbqOIA604UNYHsXtoWpRYmc5JY5CytAHynuwccrkvgoNVOhe_0oatQq1ZYmzBiczZli5wF5vk8WZrRRy3kG5bXRniFMh5XAhADdEBeGyNPXwcu4BZ-xvRwPNONh7Taqwx0J_OevrQvInGUU_aUIhAy1liTALDPjT-DnRZIMsdildFOgwhge-NzmyVL6OCopXTNoMXbeK3mdnNZ0sTzqo5ln70v-t3sb-5_pO1O04t7mvEA8iEEY3Cvl-o650MprWV0uBe-OU78P22F0sWwbgReysu8_EYLmPy48YXll-ViuzgPAoeJluH7bv9Oy8o0RKotIhiDnK8hW2t0C9k-xX_oEIvSp6MtYb08EJulkPHUmJ0pfdExBLJwCgGVDI8xyqPOK33ndsuD0p0OhclvNyAmjRmLJIy3WtLl92fMN8a4FvRihjgKpWGPEP1cVjwtQer6_6D_mHGcRi2f7yFvV13ULnxTYoQay2grq91BprBp_t4xtzB3Wc9n4cGBfJdYvR7oUHQ005uQmElyVq3Hi5CNMX4ivcfADZIR1q6nU4xOmJIJAEdTFExoBIa0mRZ9w8dQgNHAap3nXzI4gnIh69rau2YSfwcGV592vHoROkCfa89R_YwMQN063fXIT7fupivEsZ2Pqwl7l4&sai=AMfl-YRrGwPOIJ0lP9HE7U4PkETGUIfNWUk5Wj-tC5rihD__mfXEHislMhkkRXgwmpGAHl3cILSv9ex5kmYAaH4n2uy306XnUCT0YNXhHuQPKjDCWh3fb0LObFDmdvRKa8ygplxS24gNucYUz5Q&sig=Cg0ArKJSzH7gDOFmNvmYEAE&cid=CAQSOwDq26N9u0ULnxzxPRJ_KmXOalWe108zLr7pDAwrIhyP9LHkT0BQEC6XHU1YoAKn5mQxtIZZMIvwjYW6GAEgEw&id=lidar2&mcvt=1437&p=965,1005,1215,1305&mtos=0,1437,1437,1437,1437&tos=0,1437,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&vu=1&app=0&itpl=2&adk=41891436&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674473776741&rpt=296&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/ Frame D0AA 		358 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe1e61c7bf884642fc7ddaa06c70e37a6f1eaddfb86b775d832316bf568ce2b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120547
x-xss-protection
0
server
cafe
etag
13722922315964133151
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 11:36:18 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/ Frame 4217 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfcf65d9367265634451d5ea043d0f33e1fef98d8595a7e86085dde04b392cab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
45375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1668
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 23:00:03 GMT
expires
Mon, 22 Jan 2024 23:00:03 GMT
last-modified
Mon, 19 Dec 2022 13:58:11 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
B29127678.355541211;dc_pre=COPGiPbM3fwCFVmHgwcdlOEIbg;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=3043958084;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame F479
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=3043958084;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_pre=COPGiPbM3fwCFVmHgwcdlOEIbg;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=3043958084;dc_lat=;dc_rdid=;ta...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_pre=COPGiPbM3fwCFVmHgwcdlOEIbg;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=3043958084;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_pre=COPGiPbM3fwCFVmHgwcdlOEIbg;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=3043958084;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F479 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw7_GMHHOY8jcGvCNmLAP1fCl2AvTk5PDbrX6y97fENvZHhABIIL1siFgleKQgqAHoAHF6pm5AsgBCakCh0FETJ02sj7gAgCoAwHIA0iqBMQCT9CkZVt3NprQq7VGi7VTA7lBVYcVsZepsIq6La7tpXCCUc50UTHCOpDnmS0APnggEr-VpX-M0xRmfciLVikCEk9s69F0UzVp3jFhgaWwuVwrGRC4awrE5xYtuisOUMhMAU-DFhxVRen91JJ6Sf1sMLo11y8T0U54-TU7ut9FdCZzVOJHouu2hkod3NvwAYBSiAWv4xBnD5ALoGx_OkOP3fJ0JaVpPseluvWGWfRpzCHhUySc1jKGSeoJ5A3nnvb84srDrXpZgbLpHM_81dMBXbc9YxeAd1VxpUIDrYa8_ZOkYeS8bb5ME0j_O4fldSCeiWicvcMUWPSbl4INggzSXBqNbAr2QQLSIUD6kkwocqhWZGr--CGYKOjwncjVjcEtbsYC6uTcSVIpsikXGplYh1MY1h1tYEdsoLBqlJiMqq-fuydYwATR98OxmATgBAGgBi6AB6OV5sYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQtqcd0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTIzNTc1MzQyNzk3NjQ2MBiK0wU&sigh=CvQRlMFV_ds&uach_m=[UACH]&cid=CAQSOwDq26N9204WN_666g3j1d6eirC6xOAV3uMHu4dy_iDq2wraV_WKV1ht4Bd208a-9GmpAFEi2UlWxk-EGAEgEw&template_id=419
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame F479 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/ Frame E4C4 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfcf65d9367265634451d5ea043d0f33e1fef98d8595a7e86085dde04b392cab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
45370
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1668
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 23:00:08 GMT
expires
Mon, 22 Jan 2024 23:00:08 GMT
last-modified
Mon, 19 Dec 2022 13:55:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
B29127678.355541211;dc_pre=COqxivbM3fwCFWiTdwodsbsN2g;dc_trk_aid=546292235;dc_trk_cid=184115228;ord=3469949712;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame 29E8
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_trk_aid=546292235;dc_trk_cid=184115228;ord=3469949712;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_pre=COqxivbM3fwCFWiTdwodsbsN2g;dc_trk_aid=546292235;dc_trk_cid=184115228;ord=3469949712;dc_lat=;dc_rdid=;ta...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_pre=COqxivbM3fwCFWiTdwodsbsN2g;dc_trk_aid=546292235;dc_trk_cid=184115228;ord=3469949712;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_pre=COqxivbM3fwCFWiTdwodsbsN2g;dc_trk_aid=546292235;dc_trk_cid=184115228;ord=3469949712;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 29E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5otQMHHOY8vcGvCNmLAP1fCl2AvTk5PDbp34y97fENvZHhABIIL1siFgleKQgqAHoAHF6pm5AsgBCakCh0FETJ02sj7gAgCoAwHIA0iqBMQCT9Aqxc6kE6_on14PrzAEd9-KTWcSjOViDbUXpTfcz65EQfgv2T2-Bnr7FmnTX3qYFEQFtlkN0EBhn2sl-IgYb6fTjK3JMqFIBN9p4Jval46fJFVfqDZ2SSnIxOzYxDzgu_SXNRXQ8tp4cJafKCbxihOJgJGfhoaxhXnPs0_8jGetwp3FpNrMg1O5M838dd7Ryq3SVbLtBpqI4CfW5zmx8WTz6aufGtAClVnEelvoJ4nfNVyMnn6L1oe2MB1QjWspwNnRHY2_CCpRzhsfEa4PzNYR7Is3sQVFqBIVOk_CBdFdP_vNYA1KGb--A0U5RaiTj1w1ofbuWYNL6kD6OLje9CjAehcj2ht3xZVqRewQx-lYDhCJ78CN63lD3pGGG0FF1dZB339RWLn7on9H1uwwvKVM0yci8BrJ9fHcc_cTEIX97vSnwATR98OxmATgBAGgBi6AB6OV5sYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQtLkT0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTIzNTc1MzQyNzk3NjQ2MBiK0wU&sigh=JOVmFJWyxoU&uach_m=[UACH]&cid=CAQSOwDq26N9204WN_666g3j1d6eirC6xOAV3uMHu4dy_iDq2wraV_WKV1ht4Bd208a-9GmpAFEi2UlWxk-EGAEgEw&template_id=419
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 29E8 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/ Frame EC53 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb124e502b5c41e197d70daf1372272b4f6c7ebe8ce427f6921db3345b0eaeae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
35191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1667
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 01:49:47 GMT
expires
Tue, 23 Jan 2024 01:49:47 GMT
last-modified
Mon, 19 Dec 2022 14:46:22 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
B29090062.355225907;dc_pre=CI3Bi_bM3fwCFWP2EQgdkfAAJA;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=3847260251;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame 4410
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=3847260251;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CI3Bi_bM3fwCFWP2EQgdkfAAJA;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=3847260251;dc_lat=;dc_rdid=;ta...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CI3Bi_bM3fwCFWP2EQgdkfAAJA;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=3847260251;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CI3Bi_bM3fwCFWP2EQgdkfAAJA;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=3847260251;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4410 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwSYHMHHOY8rcGvCNmLAP1fCl2Av6zKzObs38y97fENvZHhABIIL1siFgleKQgqAHoAHF6pm5AsgBCakCh0FETJ02sj7gAgCoAwHIA0iqBMcCT9DM0vJZuMspbLCM3GhtLITdMTBzOlPOrfL0iK8TnquJEAv0B3-SuzVdvL11d8zBfHtbE1kx4c66dbYa0l6vEoLZqFmLkEmfo1omctzEDjOrlJryYqgLlc0Q3sQCo6xVjXH7vAo2jkNyFcIqz40UgDGDCpR1DzIWoiXsU8t_rj8xejyLhH1RUSEr761qjmRQ9D7LCSMvqslRGp06CSlCBrU425D0dlksTr1twm4M3UVIoTPKaBGH6_IiwIIY0gHkiOKYKXBKe49a7FL2eTzfj7jQ9nBeGn6sf3pqA5Zdg57Gf2SWtGgXY4u_di0DHqU0bJhtZS8f2pqEfO85u0n-BxGiluqS_vHtEN87Buh1H5fuy-qTzBJmS-CyNScJrLUQTkQmcU7amDSbUpfgqoqNPS4LjWcjR1ARKDpJs2AH8V_BlHWeHgk8wATdq8_JmgTgBAGgBi6AB6OV5sYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQw-0L0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTIzNTc1MzQyNzk3NjQ2MBiK0wU&sigh=GS3Bs8Ng9xE&uach_m=[UACH]&cid=CAQSOwDq26N9204WN_666g3j1d6eirC6xOAV3uMHu4dy_iDq2wraV_WKV1ht4Bd208a-9GmpAFEi2UlWxk-EGAEgEw&template_id=419
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 4410 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/ Frame 9AAB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfcf65d9367265634451d5ea043d0f33e1fef98d8595a7e86085dde04b392cab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
45375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1668
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 23:00:03 GMT
expires
Mon, 22 Jan 2024 23:00:03 GMT
last-modified
Mon, 19 Dec 2022 13:58:11 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
B29127678.355541211;dc_pre=CPuCjvbM3fwCFRXVdwodnaoGLQ;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=1507072778;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame 8920
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=1507072778;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_pre=CPuCjvbM3fwCFRXVdwodnaoGLQ;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=1507072778;dc_lat=;dc_rdid=;ta...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_pre=CPuCjvbM3fwCFRXVdwodnaoGLQ;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=1507072778;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29127678.355541211;dc_pre=CPuCjvbM3fwCFRXVdwodnaoGLQ;dc_trk_aid=546292235;dc_trk_cid=183943165;ord=1507072778;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8920 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxsmbMHHOY83cGvCNmLAP1fCl2AvTk5PDbrX6y97fENvZHhABIIL1siFgleKQgqAHoAHF6pm5AsgBCakCh0FETJ02sj7gAgCoAwHIA0iqBMQCT9Ct7HzokrslJAaEfZS2GCUWmfM03-45y1gGuM6inxjVO76wmb4ziS-jtajrvQKSjzuIJDvrmt6olInA2_ocK_gKxZgrswQxgAr2lZjnMg1gACGGyiNrlo0s6GVkEeaE65_jRHAIJSPtIz5_Wbpi5uN3OfK8BDqt2gSnHo1IYsomVgEbfejH2rBmS7SHrSO3a_3b5GsILT2MeGDU2PC262PdWiXI4mXdwGkpOy7dyhKLc7GoI6CeZBAnr5s_yqbpaWfE5E2g63IMpzAYaDv90uO-Kz9ZTVhsL6yWbI_lxIfN0ihTNhtdiDVnCZXwPqLdPACXwpy1wIFclF-Gc3Mo5yQ1TiSFUZh27URz25kaKZF1axplzWZicI6o5YOaWk4ffkNP_97EfAKeeZ45DWLpOiUKMuouxTFs24vz7OsR5Y2TGclGwATR98OxmATgBAGgBi6AB6OV5sYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQiJUG0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTIzNTc1MzQyNzk3NjQ2MBiK0wU&sigh=RAcPaIRQvFU&uach_m=[UACH]&cid=CAQSOwDq26N9204WN_666g3j1d6eirC6xOAV3uMHu4dy_iDq2wraV_WKV1ht4Bd208a-9GmpAFEi2UlWxk-EGAEgEw&template_id=419
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 8920 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/ Frame CE72 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6180554d32fc60803090badcdc5539a54e3c84637e9b97a07cf0bc14ecab60d5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
354164
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1241
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 09:13:34 GMT
expires
Fri, 19 Jan 2024 09:13:34 GMT
last-modified
Wed, 06 Jul 2022 13:05:44 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame A551 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNjPpMHHOY8ncGvCNmLAP1fCl2Auzzfj0bM-7stvoEKXAoM-KOBABIIL1siFgleKQgqAHoAHvq8r6AsgBCakCh0FETJ02sj7gAgCoAwHIA0iqBMgCT9BubYpTLoaKxSH1-NBAFLruiuX-0652_MuZqBbrY9MaNOSHICK_W5SQcOiG1TRWpudDGurv5ejoo0sfsPdcYNMTHjCvdKf6KFOmWSCnV-N0iRO7l7So8XIiiwok4vJaJ6ZWMSPkkPBg0s_29oRnY2XNTvoAI8CY3jGLOdAnr5qljZ3_Uij5uFiPLMPmufT_5OiKMUhxmpCtbmilzJwJNZ53kjv-jZ8SJ0StRCAtAmY1nms2_vP8JVC-ZPMlJIPgGQAVaLNt6lIBYG1Jhdm1a9cJwr1HeLg_LXXUnqsG1YwDThJYQeNbxKgenlyIxD2xkDf7Fzo8WNyKxi3vvJXAf2oxSapQ1UKQxMP7T-Z5VJkUicNVlxpYSwx5tMeAViYaEq0JLJqfegBHXaQOpOVH_KAsNuPPazrNCPAMBTjSbExhcMidBGMvB8AEtKii66sE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_nTtYUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQiJUG0ggRCIDhgHAQARgdMgLrAjoCgECACgPICwHYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItNTIzNTc1MzQyNzk3NjQ2MBiK0wU&sigh=k2AJunTq1aM&uach_m=[UACH]&cid=CAQSOwDq26N9204WN_666g3j1d6eirC6xOAV3uMHu4dy_iDq2wraV_WKV1ht4Bd208a-9GmpAFEi2UlWxk-EGAEgEw&template_id=419
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame A551 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2F49 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 08:20:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
270954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 08:20:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2F49 		144 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05ebcc01830f2d7b2d4654ed7ade8d4696cb5fbf2a0878f431b658e520fe40ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Origin
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49622
x-xss-protection
0
server
cafe
etag
16474487251016223717
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 11:36:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F49 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 95CE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUbhLo3ZoVoik0J001ba74B6GTGrNJfcBkYzQB5VcbAH1sweR9O-QZ6dN2-y_D4U7MiKu70F9e60Qv4ym1c4aQMxYECLlpWfCn9Raliyj6qBzUxZ9s&sig=Cg0ArKJSzBL90vQsoGxZEAE&id=lidar2&mcvt=1199&p=691,1005,941,1305&mtos=1199,1199,1199,1199,1199&tos=1199,0,0,0,0&v=20230118&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=841315098&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674473777232&rpt=241&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6959 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEqOJyUMXqndpTquVln3a8WVPgHek6P7Mom8vH_j9EkP4cG-CuZncqswrRytgzHy2LXC1CrCHisHn9XGez3O4VjoKPXYJdbPpysJIbVPQthW8nSGf0&sig=Cg0ArKJSzCRTZxYJ5M3LEAE&id=lidar2&mcvt=1126&p=80,315,330,1285&mtos=1126,1126,1126,1126,1126&tos=1126,0,0,0,0&v=20230118&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=217630568&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674473777212&rpt=289&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4217 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 18:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
59881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 18:58:17 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4217 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
6920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 09:40:58 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4217 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 11:36:18 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/ Frame 4217 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2fe1bb3e183ac7a337e04c4abaefb3ac5c3523260152657caa73326a9be02
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 22 Jan 2023 22:36:38 GMT
age
46780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2611
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:58:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Jan 2024 22:36:38 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E4C4 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 18:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
59881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 18:58:17 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E4C4 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
6920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 09:40:58 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E4C4 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 11:36:18 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/ Frame E4C4 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
339c431dbbfcf7b370b678aee1588f0543c767da987e8af97f5df6b907cfcf76
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 18 Jan 2023 09:02:01 GMT
age
441257
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2619
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:55:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 18 Jan 2024 09:02:01 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame EC53 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 18:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
59881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 18:58:17 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EC53 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
6920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 09:40:58 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame EC53 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 11:36:18 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/ Frame EC53 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43ea858dc40003ac8d46371ae15982f7c73c789baf54845c0b46f537eea5335e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 22 Jan 2023 23:00:03 GMT
age
45375
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2617
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 14:46:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Jan 2024 23:00:03 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9AAB 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 18:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
59881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 18:58:17 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9AAB 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
6920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 09:40:58 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9AAB 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 11:36:18 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/ Frame 9AAB 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2fe1bb3e183ac7a337e04c4abaefb3ac5c3523260152657caa73326a9be02
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 22 Jan 2023 22:36:38 GMT
age
46780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2611
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:58:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Jan 2024 22:36:38 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame CE72 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 18:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
59881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 18:58:17 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CE72 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
6920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 09:40:58 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame CE72 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 11:36:18 GMT
script.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/ Frame CE72 		57 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/script.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fe0592142f06693290215d57a53b9e40c0a22544bbd32cbb337a872ab866eb6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 23 Jan 2023 07:33:05 GMT
age
14593
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 13:05:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 23 Jan 2024 07:33:05 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4E0A 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 10:51:38 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F479 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F479 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 39F1 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 10:51:38 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 29E8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 29E8 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A021 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 10:51:38 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 4410 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 4410 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
AGSKWxWIMiTLyu244r2RABqtsBwhTqZ4piziEMscuoicAjwbbTnUGzulINtBpsNOGDoFlHiU-RoIk8LeCOMLWoVKI3GANEKqE0SXDZWizHfBPExg6h-JSQCaShxNlSLwiyoT9h8mdHCwXQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWIMiTLyu244r2RABqtsBwhTqZ4piziEMscuoicAjwbbTnUGzulINtBpsNOGDoFlHiU-RoIk8LeCOMLWoVKI3GANEKqE0SXDZWizHfBPExg6h-JSQCaShxNlSLwiyoT9h8mdHCwXQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gYkgsKnnm4IS_U_AlB7cvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 11:36:18 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gYkgsKnnm4IS_U_AlB7cvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.myjoyonline.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 32DC 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 10:51:38 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 8920 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 8920 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2B68 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEJLR2Tzt3Yp61uXSxWzQgyqFQa_Vmqq9audU6m4jRKnQ4k6bHhhaRXCEbGQnBPJ6YyWBGCKPhN4ZhRxOhaY46T1cNTyeyrC-XTU7dQQLmB7Wj2uETeKbdsGHwN-kDQZT7A0YwZIM4UIjMihiGHM0mkf-GpZSgdyV0LNf3BuwiVz9-iDHShmJX59t1sWlxXwKGiVliMP6UZryhWgpf1qegv3M4O6_LNdhlzJZZBDVAyzDzMVMvy6Q0h4wVFPtCLZ6LnvzXecgDudgRpGVQPP9GKonm_LaNqOcYLWZ25BFA9fafSfMQnXHWJuSy8H_vAX4ROwcSe8YoJjD--erU2U4LezNf41Dr9BDqtN54xPv1Nh2kejQ&sai=AMfl-YQd28eMTvhGkEU_ST1RT17iL_1QTOPebhPDF_QSTARK5OuH5Z7QCcgLuNCIhAvm5MGuANdVLBwdqg9QylCjnDk69MKiwoW4vuwk0svGJbEh8RlONHNd6Qsnjwm5iULI&sig=Cg0ArKJSzD6rcQJbbDd4EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 11:36:19 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame DA3B 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2680
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 10:51:38 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame A551 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame A551 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2F49 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5clVPXNXnLVkjLqU5uwYwwYfKrD2s-VIoqkL2g-o9FVEkMWjEsg9u93p0TsEmNb-gbQp_dELNKrXOGuxNMDM0cJ91n11fpOhzO2N_e-QSKQcP3PVkNQcZ4f6RCD_8i4dkLuGDEIzfjRIbcei2DUYl5sGxCn3IDKe2HEMUPyOFjkx__2e6D3Enm3bfLgV7jGJ0SIHMBBgP6KAaR0vtXTFRlYPcdyRP7j_6zRQo2sfnU-YfCSREFKvUAyz-j_Hivrq8KZdLBlsOwPPqfyqgG9hDXIvbmNKphxKE2jobPqaT7bmMuTczKBby4WiyVTZeQvCN6QLANtRwpnl4k1-NHu5HGe4wGDoIAANr29fLJBbJ_vBy&sai=AMfl-YTmucil72yZrzQJ7HH5SelttCBB37XowzdTbSBSstqKwKJPKt_icsTI3AhJLyo6ke7vZMu9233qLbj7Bqjj4CG61bi9nb8Kr60Tv-Gg1vyaCLUBxPDpcoTy3hY5g4u_&sig=Cg0ArKJSzHnoi5ZLmQDTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8F7E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1b2RCNZruDqI4UIXgwOoG5bgq9QBEBtEHrzCGgarmN-z0mrhy5iTnOvVPoiL7kucaL85GZc8JnXQCRTSsurHxLY5gYvH1hpW8u-CR8rwk4s61it2fKi-zNNXjax6OrdGRmDZqbsQVUt4mlcGbEhs5Qf_v_H415H39PFEFCcSEqgjkFTWfHS3lt75-3eUjfM2azFR2ndnBwDTDJf6MXgKk2i3WdaM63I1SP6nlh-Q69LaOR3GfPYMPA0TNdl_NYAqOjhdeGqMwCBY5VT6kQ8Yrl5OQe_miUYduXBLyM20YnKGi_ma2PeUaAw42Nv3uJF6FQxamkm1EkwDvnId1YFQA7XE8XQuwrbJ7O4uyMydsyySAzdE&sai=AMfl-YSvKblhJ3tIGgu1R5yVq6OjI1andM8XqmxW9VLS8LyJThknORsY4iXVm_X3uYCAWEaW9pp7cfynP7e9UnLiMrgBI6QKaUwh4Z6nAEdGrPI7O34PVV2CtPtXIRs8T0jW&sig=Cg0ArKJSzMKmoxe1CDYIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 11:36:19 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 2B68 		219 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.myjoyonline.com&callback=_gfp_s_&client=ca-pub-2500680891621702&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55e17a640c1d6b2a717f66e95875f02d3f10e0d662f68a76e73ecaf82a74a994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 2B68 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2B68 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B68 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&tn=DIV&id=smart-nav&cls=container-fluid%20menu-gradient%20desktop-menu&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C286 		15 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751417948&lmt=1674473779&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=5&bdt=1117&idt=557&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&nras=1&correlator=3625127086750&frm=23&ife=4&pv=2&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.n8ngm5nucivn&btvi=1&fsb=1&dtd=735
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02c2d41188e6fa43df6a6e273453b280775270f1db9199e770fa4d1ab8d73813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
1095
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2B68 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
660734f36dd44b558b708434978e545ab0dd469f471c5945565f6c06709cbd0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10834
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F713 		101 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7464d925cfd07b396fe25055a0b4e75c62dc23a67e6568ccd215e57b28a17c18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
34467
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2F49 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac6798d3186da6cd48aff27610247d5dbf41f5f7cbded906a88aa0cb9164c489

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/ Frame 2F49 		358 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com&bust=31071641
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81664ea42a9afdea7b505900d973364025bdf4b75dcd966214c6c73c27703e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120414
x-xss-protection
0
server
cafe
etag
11381676042605228983
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 11:36:19 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 8F7E 		219 B
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.myjoyonline.com&callback=_gfp_s_&client=ca-pub-2500680891621702&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
484299b75326261e6a29e6dd854cb313a3a30a4aca0d785dae5e5adf2dc63251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F7E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&tn=DIV&id=smart-nav&cls=container-fluid%20menu-gradient%20desktop-menu&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 8F7E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8F7E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C95C 		15 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751418289&lmt=1674473779&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1194&idt=453&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.jyt7k7nra854&btvi=1&fsb=1&dtd=685
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02c2d41188e6fa43df6a6e273453b280775270f1db9199e770fa4d1ab8d73813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
1095
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8F7E 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fd382c567944a352c9db4e41ac44aa97e72cb771ad7bcc63dcfb5e03f4544f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10964
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 888E 		102 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebfde080ee7801b89643c3c3bdaeb25cbaf6546b3a9ce1e8c4f662fcd64eaa41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
35154
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
commerzbank_affluent_mut_300x600_v3_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/ Frame 4217 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/commerzbank_affluent_mut_300x600_v3_js.png
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
811a0e66ec464a02e5ffd50ac152ed2c50502c19bac722b30a2562f0abd614a5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 17 Jan 2023 07:09:08 GMT
x-content-type-options
nosniff
age
534431
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85706
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:58:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 17 Jan 2024 07:09:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D0AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIbzo_ms7Oq_ZY3Zk1bn2Sa6e6-RyxtIbfEWBdFB7V9hvj0zP5yN7w-4kMPfHKYFP2Yb2SbB8OkcUe_lo4MK96LY251tKXISX-ygIkw3ckcL0VVBRFGC9km-aXzPLwYXYPhF4uwXg9s2iaVNOmTxprI38hcJ0y76wBiXZhVGL7K3DPKZvOPmWo0cdH2wnOICZmzVHPBNlae6L5F2Vx0Wp5TPwxE7Q4QFFG3zOT40hPstGqVhgesu96kDAbe-KomD8Ph62B3n7n53AMMGyyd_1a_iDmvqoMDmcWk48oWUy3Y6rqgyOHa7J8n0bOlnd-qP0mu8cuF4aYjoZLUksUFWjbf2hI0bXPQHUh-qbEnDKe9fkVGW0r&sai=AMfl-YSI-X_OMFh3vAkm17PHKeenw69ASn9v8SODRibiOpEELd6Q28FM0jYX_rml3o60rz_yk5jY3yJBWwVqvvpeqp9N7LUzzvNebioxrZhxpdqgqgb1EABjPijkAk38pm1J&sig=Cg0ArKJSzAA2pxu9FLnuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 11:36:19 GMT
commerzbank_affluent_perspektive_300x600_v3_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/ Frame E4C4 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/commerzbank_affluent_perspektive_300x600_v3_js.png
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1acf66d71a58cce9c392b41311d0b1a72298ebf1cd1f0712ec5555e431935da5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 17 Jan 2023 04:44:20 GMT
x-content-type-options
nosniff
age
543119
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119271
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:55:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 17 Jan 2024 04:44:20 GMT
commerzbank_affluent_passion_300x250_v3_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/ Frame EC53 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/commerzbank_affluent_passion_300x250_v3_js.png
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b5a2bb689f35dee671ce481c1a4eef5ca841fbffe7cad9c6518862d174054eb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 17 Jan 2023 05:20:41 GMT
x-content-type-options
nosniff
age
540938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59456
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 14:46:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 17 Jan 2024 05:20:41 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame D0AA 		219 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.myjoyonline.com&callback=_gfp_s_&client=ca-pub-2500680891621702&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b35d10a750154a877e5c4fc85c859339aba29c9abbffd5513073c82fd343a6ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D0AA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&tn=DIV&id=smart-nav&cls=container-fluid%20menu-gradient%20desktop-menu&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame D0AA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D0AA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 75D5 		15 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751418303&lmt=1674473779&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=4&bdt=1223&idt=498&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.a8fofeu5lbif&btvi=1&fsb=1&dtd=724
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02c2d41188e6fa43df6a6e273453b280775270f1db9199e770fa4d1ab8d73813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
1095
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D0AA 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a96029779bfc67565a3c5b0fc58e6eb3485c0544289e6675802334c6385d6cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10897
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7D03 		123 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab289cd24d6b3062511d670d7286b436f484f4bafced35101b87ef6ce730749e
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COWwtPbM3fwCFUZfGQodsxILXg&gqi=M3HOY7TUEMzPxgKHuaSQAw&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
44519
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COWwtPbM3fwCFUZfGQodsxILXg&gqi=M3HOY7TUEMzPxgKHuaSQAw&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
commerzbank_affluent_mut_300x600_v3_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/ Frame 9AAB 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15491136727519701655/commerzbank_affluent_mut_300x600_v3_js.png
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
811a0e66ec464a02e5ffd50ac152ed2c50502c19bac722b30a2562f0abd614a5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 17 Jan 2023 07:09:08 GMT
x-content-type-options
nosniff
age
534431
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
85706
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:58:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 17 Jan 2024 07:09:08 GMT
artwork.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/images/ Frame CE72 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15813443360502220291/draft-4-1/images/artwork.jpg
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52ce4438d62664bd1663efc27cb1417d3f93a0d8083161d89518656f4de546b1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 20 Jan 2023 06:09:15 GMT
x-content-type-options
nosniff
age
278824
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37351
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 13:05:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 06:09:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8F7E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:19 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4E0A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
expires
Mon, 23 Jan 2023 11:36:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2B68 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:19 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 39F1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
expires
Mon, 23 Jan 2023 11:36:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame F479 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0F31oOSZKiWpjJSZcwAjaI9CyL7z7PcNh1N_xpbPhWTexIJe6OqKL-TPW07b0mdm4vGOQ
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F479 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:19 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A021
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
expires
Mon, 23 Jan 2023 11:36:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 32DC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
expires
Mon, 23 Jan 2023 11:36:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame 29E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2WIXgc90JL1nzA4z58zhlJ8xFJKVfURrXRNgiXeq-oo7jYhPBWnK2GzWYbyslFolcF70x
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 29E8 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:19 GMT
l
www.google.com/ads/measurement/ Frame 4410 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRB2l_Yorgzxn6I1OIaal3Rm7r3QQSS8Ne83iXk8kEerwiR7eadYLb944affR1jY0Fh2lAv
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4410 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:19 GMT
truncated
/ Frame 4217 		25 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4282eeaebc14841ca183ace034238036f06fe91ecfd07ccbc04a9b4a32d60a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 4217 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18ccf09d133870cc2b93a87e75da4b1e3ea8429f1c8759d8a4f51b6c9b80519c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		38 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad934ad20c1854d2f78f9a30bd38d90cf32336d953f2fa31b510ebe954c435ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb63ea01905ce48550a69f026781efea4d406b3b0e99be21e1609f4c96bc09d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e527ed2aef39f2b9e64ae9ba09929961f15d93e35c16dcee8759f55214a982a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ed67d00b03ac454d09fe8823fd48765227f93e6b8a8a5e47a7ee6001f090ce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02e35fe3331082c58fac80f0b6fe2b319bbb6643d02d283f7a27985c02d16def

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0e017de0b96508b616df4a4f200585fee7df1100ebfcf06a2d77acbf63b81bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame DA3B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
expires
Mon, 23 Jan 2023 11:36:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F479 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
260fb4ce8b2d242c72a92d027476ba08bef10e000298cbbeb2ba3f68b58c070e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 29E8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b79388fc7fe8a5ccac8bd340825eda3651509d6e6df49300df50d04a9634abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4410 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
442c0cd3cddd63457d7c7fceae4d0317a8cf6b912764a7c9a5ddca5e955612a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		38 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad934ad20c1854d2f78f9a30bd38d90cf32336d953f2fa31b510ebe954c435ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e527ed2aef39f2b9e64ae9ba09929961f15d93e35c16dcee8759f55214a982a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ed67d00b03ac454d09fe8823fd48765227f93e6b8a8a5e47a7ee6001f090ce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02e35fe3331082c58fac80f0b6fe2b319bbb6643d02d283f7a27985c02d16def

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0e017de0b96508b616df4a4f200585fee7df1100ebfcf06a2d77acbf63b81bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e2d0edad81d1e80cf1281c0bfd22761d1af8e9e7fe72bf0026ced4326cc94f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame E4C4 		33 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95b3452ac86e83ba6a6beb3fb8541ba6611eed09ade37fa630d1a936129edebc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		26 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44e61cc406c936f5800d26fef8f75795624a8b2855929034b9cfb6cab6790a8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c93dc84049ced06257c79f0b114862380a1964936f843f7c962076b4e107d58c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcfd81c9426baeb3821d227a40cd765d3df097fbb0df64913f7bdd414bf4a3a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		992 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
650da9e6f05c29b40c5cf21e4ce0a863c81e6ea5234b23f4d9b93b51dc6cfc56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		852 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5ec9d53f8d82f9d59a8e9157c213b7b9cf49ef83d6e068e22f63238f195aa15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea19606333339c1f788ee53fde82a94ed6d164673abe2e5939fd3aa081ab53eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44b34578989a08119535b5c54623cab8c70a3ed38106e766784108ea3bd06949

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		34 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81cc7fd7df22e0e62e9fe6cc340361b2287a93752604e162440708e12712e39f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame EC53 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48041bcb6dafadb3ecb47aacfec7f5e0e43262f9c6046c28460a38c51caeb8c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame 8920 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyrfgqSgKIzLtWw1wZtTP2ugz_D4SASQen8EyGy6PVVCJnPV2ycwECz3zQnyPWsYGiST2o
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8920 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:19 GMT
l
www.google.com/ads/measurement/ Frame A551 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCpNtyY8NggbrLqmZmZTXOhIaxchAEqBA4J-hryNPMbzDJzDNl0o5dxbtdswGhhhLE6gkL
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A551 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D0AA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:19 GMT
truncated
/ Frame 4217 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
562105a33342805e87028bec888c44120ffc55cae3c584422397e4df3772825f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65bf6052f97e8208258bb63b2e7369a44ee622a2890e96da168cc240108b7700

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f2fc2f33e773c6b741ca3aca6a48cadee3d64689c42a42d3682df076811aa0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9550654409f5e615f24c4f16d0323ac364e0ff1072f20eb18da70f146d53547c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ef93d501cce74569911272792bf7836af546536d914ca1b87de59e4aecf63ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a29cf168c7fed359190bde8541bc52ce4d3713e72b482a65ee882dce6a225374

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5af49e8a4b70e3c46dab9564cd55efc07ddbe8247e1bf8646d6b1c79f5e2b211

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23aa272969efe7620a7945e78d0de698004ec06b8882fb500cfacac8a6d76810

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8920 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cb5b531e8d371fc2de9b7d024b422804d7c2e3123e7c70ff9c7122ad65f55c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A551 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbf617647ba51c6feaffa1d981e24fa476c392f54f2ee54b5c86fc049c62258b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ff1fd08b88f47dbb00f5a47a4686025700574019e591f2237a4b1a64a78aeb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4217 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d32658fc01cb3bf428d18cf7912eb29f7f6e2902674775c65c9411f6cb2e9e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 4217 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
truncated
/ Frame 9AAB 		25 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4282eeaebc14841ca183ace034238036f06fe91ecfd07ccbc04a9b4a32d60a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 9AAB 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18ccf09d133870cc2b93a87e75da4b1e3ea8429f1c8759d8a4f51b6c9b80519c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		38 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad934ad20c1854d2f78f9a30bd38d90cf32336d953f2fa31b510ebe954c435ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb63ea01905ce48550a69f026781efea4d406b3b0e99be21e1609f4c96bc09d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e527ed2aef39f2b9e64ae9ba09929961f15d93e35c16dcee8759f55214a982a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ed67d00b03ac454d09fe8823fd48765227f93e6b8a8a5e47a7ee6001f090ce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02e35fe3331082c58fac80f0b6fe2b319bbb6643d02d283f7a27985c02d16def

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0e017de0b96508b616df4a4f200585fee7df1100ebfcf06a2d77acbf63b81bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9550654409f5e615f24c4f16d0323ac364e0ff1072f20eb18da70f146d53547c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ef93d501cce74569911272792bf7836af546536d914ca1b87de59e4aecf63ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a29cf168c7fed359190bde8541bc52ce4d3713e72b482a65ee882dce6a225374

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ff1fd08b88f47dbb00f5a47a4686025700574019e591f2237a4b1a64a78aeb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d32658fc01cb3bf428d18cf7912eb29f7f6e2902674775c65c9411f6cb2e9e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b38e47a0754cf33284eff286bd4a4b4e42bb75a1acebd2dd5a7589ca1d952ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e35bc74cf7e4af128e2bb83ed004693fd139abbb97c13f4b86b763802627965c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
347d077a1c34270efa6d6f8ef73ebc1fede681e42cff5cc392a88f573bb3b4eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee0358b12d512e90cd120c27f96a4ff913c23c5a4f810ea5f9258ce03dadfac4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E4C4 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dbe5bdc0102e824f9f2a8b804a696f4b9b68459ed1a4f15516ff90d78c5f6fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
1712629239672927850
tpc.googlesyndication.com/simgad/ Frame 888E 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1712629239672927850?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkaKcEiQ6mw7aXxnUIvCsSGTt_Z5w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a95cb3081595ac8bb593fab22af2971d38b89619d889226c10ebf79e4d0cd3d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 10:13:25 GMT
x-content-type-options
nosniff
age
436974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40629
x-xss-protection
0
last-modified
Wed, 16 Nov 2022 13:52:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 18 Jan 2024 10:13:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 888E 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 888E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 888E 		67 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 06:08:41 GMT
x-content-type-options
nosniff
server
cafe
age
19659
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Tue, 24 Jan 2023 06:08:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 888E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11899
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
l
www.google.com/ads/measurement/ Frame 888E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9hAvtBqDylSSvhxoXqbww-OdRZlhKZVNrNYjkP7GqPzxksDQS1oWSN9arCE99fmPyuWQZgxw6AnXRpXaqlE-b1yQzLw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 888E 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:20 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 888E 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8651a1012bb35c2683162251b75438c3710bb12cf07288ef9322c271c44826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 17:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
66468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13507
x-xss-protection
0
server
cafe
etag
2920471824528828230
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Feb 2023 17:08:32 GMT
10117369996813561359
tpc.googlesyndication.com/simgad/ Frame F713 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10117369996813561359?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnBfWdktLEUxUc_XsMwZ4RtBgW-gA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f09df56f7aabf366be449dae49c8c86124a42b71177240307820a41c7a1a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 10:05:46 GMT
x-content-type-options
nosniff
age
264633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50836
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 10:29:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 10:05:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame F713 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F713 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F713 		67 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 06:08:41 GMT
x-content-type-options
nosniff
server
cafe
age
19659
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Tue, 24 Jan 2023 06:08:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F713 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11899
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F713 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:20 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F713 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8651a1012bb35c2683162251b75438c3710bb12cf07288ef9322c271c44826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 17:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
66468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13507
x-xss-protection
0
server
cafe
etag
2920471824528828230
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Feb 2023 17:08:32 GMT
truncated
/ Frame EC53 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c35829b27cab8baa43d3fcab2264640c80df89151eee9391708049c39ddd368c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93cb5925a330630f84012b5d56afe97a04dfed609ccf3c73203ef570624ce821

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f18c40a3fd1a75d239b3598c66016b18faa6b559aafccc5aba1870fef6fb146

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0916f65ed64f655a33783c1340f634d26cd954009c0fbf5162784e68c529c33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87a26ed5fd2ef06513a60d162c6d4f0ddf062686222533f7321794343f0b5da0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1fa693d2cd4a5db2635ceb147f1aa0b5d4d75691c093bd8848e1e4a7b8449e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fc838e727e61e0527c90ca35a033aab703e75e9c6d04046702210d6bd18745e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC53 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2263589ed89b297a57ab885c817e8c13cb0d3d36a581314298a39aafe2369c88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame E4C4 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame EC53 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
truncated
/ Frame 9AAB 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
562105a33342805e87028bec888c44120ffc55cae3c584422397e4df3772825f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65bf6052f97e8208258bb63b2e7369a44ee622a2890e96da168cc240108b7700

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f2fc2f33e773c6b741ca3aca6a48cadee3d64689c42a42d3682df076811aa0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9550654409f5e615f24c4f16d0323ac364e0ff1072f20eb18da70f146d53547c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ef93d501cce74569911272792bf7836af546536d914ca1b87de59e4aecf63ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a29cf168c7fed359190bde8541bc52ce4d3713e72b482a65ee882dce6a225374

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5af49e8a4b70e3c46dab9564cd55efc07ddbe8247e1bf8646d6b1c79f5e2b211

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23aa272969efe7620a7945e78d0de698004ec06b8882fb500cfacac8a6d76810

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ff1fd08b88f47dbb00f5a47a4686025700574019e591f2237a4b1a64a78aeb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AAB 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d32658fc01cb3bf428d18cf7912eb29f7f6e2902674775c65c9411f6cb2e9e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 9AAB 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 888E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPTnFM3HOY_3SDae_iQbBgKCIBuu0yvdd25qaweIQv-_FprQqEAEg3oifK2CV4pCCoAegAa-tz_4DyAECqQLv4GmdP02yPqgDAcgDyQSqBKICT9CHfXlDovp5JTIh19Z7YyJB7weQCnSGoP3kM9e26FAmaWL1e5JeH9yiGcUnhnnHEddda2_WOWDbIlD3ZpIINZJ-3SqVghvtMbflloTJe_qWRVB2bGch2_66SkrFFGrUP4qwl0FxVbqH885Op95KnPTfTXYFlvdct4CcTwnwilj6pW6cPSELv4WCKZwdNvOKXvnvuZRhxmMIdvbXfcfBrMTwWHhXbXZx5MtcgchpkmlMAklYoBArCQup_H3TNmqlgGKSwRBEc3ZUHwURWXrvogXZtI5W8bDeTIehEsJ3BQndxBIbV7gC9wfWXwMy0hmuM4E6zNTHNwVv-PSR_fbq-OB1IerYO40o2xdHFC0F4RweRnCVLB34m7h0GYiB6xUPSjrABM6fzZaiApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe50rABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQmMEE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMjUwMDY4MDg5MTYyMTcwMhgA&sigh=RUzNkEYnmQw&uach_m=[UACH]&cid=CAQSOwDq26N99kkPJeaQ85Sc9DXuPp8kVXqS2EfAZvo5SY-XHPSfBh_TZYadWcIeeaK3Qo_GP216xnb0xs2nGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 23 Jan 2023 11:36:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame F713 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CpFxQM3HOY7GaCJ6gZYXCl9gO0bKvym7NzZbesA_b2R4QASDeiJ8rYJXikIKgB6ABlZjpxwLIAQKoAwHIA8kEqgSlAk_Qhx3OaUzbQiSHXt9fZftghYxnVhIxL8f0CrwVhPSJIk24VGzMNxJXpcZq-CqvvsxP9LUp4z5S-JnAQS25cBS7lRKdKj5TucYKaBRuqTCkoPSDtaxk3TK3YHJ-xwp_5G4s1UJiCIj_DpHneF6QOJXN8ybHhK-qnaubNqj8uqq7ArmlCAu0aSslH2-gnOv6b2a-d6U_1OfzY96ekgnFpFpM9xQ3oDFMiEsqPVOsye7Sf8TVb8swL2RFwtg4H_HcDIWC-Tju49uLudv9Tlp1gHXqfQYNQ3rAM5dGyyfOrdrjYuWpw8MSdy1TM36CxHeG43337UWhcMR-hskg9hup3J-7exGRnunbGlgHGFtT7fm60xnYRlnPu_ghuHIKsCeHEM0slwWNwASc1f3M-AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH18bptQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCz5AHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yNTAwNjgwODkxNjIxNzAyGAA&sigh=P1dhI_y3lkU&uach_m=[UACH]&cid=CAQSOwDq26N9o2BfUdquQj79wmhR6OwoUUqFXzAkXvVrey_3QoXgt9E2bvZd-QWcIQq6hwkyQqds3c1GqbH2GAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 23 Jan 2023 11:36:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame CE72 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
Responsive_listing.html
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame CCE6 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68504
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
1016
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 16:34:36 GMT
etag
11900953634711111692
expires
Mon, 23 Jan 2023 16:34:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 7D03 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTvkJM3HOY6XLEsa-ZbOlrPAFmOPXzW6Xw-7syBC88rm8wzUQASDeiJ8rYJXikIKgB6AB_tbF1gPIAQmpAodBREydNrI-qAMByAPLBKoEpAJP0G5QPtW9JYrwoWGa8N_5WOQOHTT7FMITY0L7EEyZZA4rZVivp2txdvRLRDEv7BlcCg_Uv4G7zUv2nYG3qHw0l50lqJXAFycNEl4E878rLRJmI5QukNGCUtoUqmrzqGixpxWzwzXgwc5BJv3dKg4cSVbn5kh1IrYL25eeyENGKTmPlO45uffX7wRyPZAlA4g7k0D3JI1iinTUlWqQxt3RnIEQrVOR25jD8vJ86EXb8G804dZ-i0t1c70_LgPmn_7slvEIaTMH75fyy7Msn0d6mua37YTmyug62w9A1M6AIp4DVZIbYdsvN_wIjzXW3rD9_tuzH2shIg0MaVfZwMFymKh-SK2bWaC5QU0T5f_uZj2N0lN2bBWOlC6h4JnVdTcLrFCzwASg9v2hpwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHydPWHagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCanQLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi0yNTAwNjgwODkxNjIxNzAyGAA&sigh=V2wQZx46saQ&uach_m=[UACH]&cid=CAQSOwDq26N9Crj0zddU8Qjang9XIsDFNioeilV354jBrDQumVvEhjYuASIUJg9U8VipZLWgSiyn4eMgA5d4GAEgEw&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 23 Jan 2023 11:36:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 7D03 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11899
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VVPMTF49Z0&gtm=2oe1i0&_p=2059873228&cid=1501366706.1674473774&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1674473774&sct=1&seg=0&dl=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&dt=BoG%20directs%20banks%20to%20unilaterally%20roll%20over%20COCOBOD%20investors%27%20bonds%20-%20MyJoyOnline.com&en=audio_article_loaded&_ee=1&ep.event_category=Audio%20Article&ep.event_label=Audio%20Article%20Player&_et=540
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VVPMTF49Z0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 02CD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
910
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:21:10 GMT
expires
Tue, 23 Jan 2024 11:21:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DF43 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2d65605296c3f34c96cf4638c0adbd0b9397a3ae108986448a24d61a3e389d11
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z3AN-8EfwQdtplvz3saeDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-z3AN-8EfwQdtplvz3saeDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:20 GMT
expires
Mon, 23 Jan 2023 11:36:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 426A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
910
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:21:10 GMT
expires
Tue, 23 Jan 2024 11:21:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6B7E 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e4b4d5155a2b007e32c7c2d0d6cd933d5f0b3272ba6692ce71c66f34e2a2ddce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qKSw7zVOHml5oEObH5aCDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-qKSw7zVOHml5oEObH5aCDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:20 GMT
expires
Mon, 23 Jan 2023 11:36:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 2F49 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE_gqBtW7F2wScP_TfMAApKP4ot2hTFPyM3ARDJBEm5yhFoR2KjH-Cl1KZx6cmHmQi5KFuRQDdt923ldaaaziwKbu_NxE18c--GEfddyuoSxW2w96QMznT8BQCpvHy-SnWzvswTyLQfHBMZr5dz2EWfIx88EdlP9WwGoq0R8XhvDs4cUNQYmmdLfo75gMKxaDyErH8mpcj2uLeZ5gHz8hxbFjaj1kkGjw_Q1dnaBIl0yCxxqXZ6e0Xi5JNZoEa8Nw5c95LoU8ZiqvyN1LlvZmBQBaa5fX68yopvHElyifrCDqeGPeEz-OGMLhONQ-YN0g2Ca2auv4SIvrZB4VYYmu0JpjmfHVEJVzNVx8g_VJHlyGH2KU&sai=AMfl-YTt6k4a7vYXdrNXHIX2r41cdamhK-BgNfIuUvqSm2PZKTRn75jl1DwH0kKlKxmWTcQ5pfs4WqiPbjEGkcWjwZbpYHaLoMlkdIK9t5DrzIN1ZLwOoHX82hJt3ys8jgfU&sig=Cg0ArKJSzLoheE1W1PWuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 11:36:20 GMT
Configurable_01_122.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CCE6 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 01:49:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
35206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25356
x-xss-protection
0
server
cafe
etag
15511454539072389427
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 01:49:34 GMT
Responsive_listing.js
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame CCE6 		199 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69148
x-xss-protection
0
server
cafe
etag
5199203132765013944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 08:28:38 GMT
Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame CCE6 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 17:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
66142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1758
x-xss-protection
0
server
cafe
etag
15825927903621683888
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 17:13:58 GMT
me
api-widget.soundcloud.com/ Frame BC9F 		0
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-widget.soundcloud.com/me?client_id=Iy5e1Ri4GTNgrafaXe4mLpmJLXbXEfBR
Requested by
Host: widget.sndcdn.com
URL: https://widget.sndcdn.com/widget-9-c1e8ae630fae.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.14.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-14-48.vie50.r.cloudfront.net
Software
am/2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://w.soundcloud.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 23 Jan 2023 11:36:20 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
Via
1.1 4f41a6860ab116e6fd0a110c5ba1420a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
VIE50-P1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
0
x-px-score
30
referrer-policy
no-referrer
server
am/2
vary
Origin
x-frame-options
DENY
Content-Type
application/json; charset=utf-8
access-control-max-age
1728000
access-control-allow-origin
https://w.soundcloud.com
access-control-expose-headers
Date
access-control-allow-methods
DELETE, GET, PATCH, POST, PUT
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
Authorization, Content-Type, Device-Locale, X-CSRF-Token
X-Amz-Cf-Id
djrYJbjC29mYWcotNIQTZZwsgh_ySqtKZ4jMSxrB4qShv6f6LyBOiw==
integrator.js
adservice.google.de/adsid/ Frame 2F49 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com&bust=31071641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2F49 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com&bust=31071641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 62A8 		15 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751418288&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=3&bdt=694&idt=997&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&nras=1&correlator=1879458723352&frm=24&ife=3&pv=2&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.b3oi87f9cnd2&fsb=1&dtd=1359
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com&bust=31071641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02c2d41188e6fa43df6a6e273453b280775270f1db9199e770fa4d1ab8d73813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
1095
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2F49 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com&bust=31071641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ebafc6ca8fa7b89f01365ed70bfbb1f866acda63c880947bc49eebde84ccd1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11098
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 271A 		74 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com&bust=31071641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b52592691c7afe6a6bbf6e8f0fb6495c96d8542cf7ed1d9f48fa0e45e7f07589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
31152
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 65BD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
910
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:21:10 GMT
expires
Tue, 23 Jan 2024 11:21:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2DE9 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9fc1a27c79e284eea5520d0541a5f8ee0a9cc3f897e6665c7026aade58f68a00
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D7skw_EH60sKwazygIabgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-D7skw_EH60sKwazygIabgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:20 GMT
expires
Mon, 23 Jan 2023 11:36:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EE9E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13139
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 07:57:21 GMT
etag
48472445140208031
expires
Tue, 24 Jan 2023 07:57:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E21F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13139
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 07:57:21 GMT
etag
48472445140208031
expires
Tue, 24 Jan 2023 07:57:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F713 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
418b6a26a224d345228ea70ac0c5c627602c193b8b79f36b0d8a6161b1c1b34b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 888E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b1d23007a2051dc5bed8645e7e0b05d902a08fb29563dacd5eeafa533f7731d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 7D03 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 7D03 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11899
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CCE6 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
6922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 09:40:58 GMT
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 7D03 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COWwtPbM3fwCFUZfGQodsxILXg&gqi=M3HOY7TUEMzPxgKHuaSQAw&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2F49 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com&bust=31071641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DF43 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230118&jk=3433357123333383&rc=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
i.match
s.tribalfusion.com/z/ Frame EE9E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIG8RdaoHdMBsK8GsR1KAjk&google_cver=1&google_push=AavPq0MzhwJ7FU6V2KuWcLj_a0amRYMNdzjfcwsbOhRhD0A4ONgGjO8wBM9QNs8ykuwaV5o1L4Tj9lN5fOPQIz2xNf42L22HZ5trv...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIG8RdaoHdMBsK8GsR1KAjk&google_cver=1&google_push=AavPq0MzhwJ7FU6V2KuWcLj_a0amRYMNdzjfcwsbOhRhD0A4ONgGjO8wBM9QNs8ykuwaV5o1L4Tj9lN5fOPQIz2xNf42L22HZ5t...
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIG8RdaoHdMBsK8GsR1KAjk&google_cver=1&google_push=AavPq0MzhwJ7FU6V2KuWcLj_a0amRYMNdzjfcwsbOhRhD0A4ONgGjO8wBM9QNs8ykuwaV5o1L4Tj9lN5fOPQIz2xNf42L22HZ5trvlc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0MzhwJ7FU6V2KuWcLj_a0amRYMNdzjfcwsbOhRhD0A4ONgGjO8wBM9QNs8ykuwaV5o1L4Tj9lN5fOPQIz2xNf42L22HZ5trvlc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
78e03b2c9dc92c6b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
177
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIG8RdaoHdMBsK8GsR1KAjk&google_cver=1&google_push=AavPq0MzhwJ7FU6V2KuWcLj_a0amRYMNdzjfcwsbOhRhD0A4ONgGjO8wBM9QNs8ykuwaV5o1L4Tj9lN5fOPQIz2xNf42L22HZ5trvlc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0MzhwJ7FU6V2KuWcLj_a0amRYMNdzjfcwsbOhRhD0A4ONgGjO8wBM9QNs8ykuwaV5o1L4Tj9lN5fOPQIz2xNf42L22HZ5trvlc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
78e03b2b3ba82c6b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EE9E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAydD6PQWST-s-0maO35u3U&google_push=AavPq0ODbHSkVrYr7Tb5-1zZtLE3Y-6aG6mT8QCwrAlCySJsgQy7SVZJdT...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAydD6PQWST-s-0maO35u3U&google_push=AavPq0ODbHSkVrYr7Tb5-1zZtLE3Y-6aG6mT8QCwrAlCySJsgQy7SVZJdTpUWvBMQzRS4yXRyJig1OHeHICpuWjDjE04XuGhakSChKk
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220056-HHN
pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1674473781.047031,VS0,VE90
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAydD6PQWST-s-0maO35u3U&google_push=AavPq0ODbHSkVrYr7Tb5-1zZtLE3Y-6aG6mT8QCwrAlCySJsgQy7SVZJdTpUWvBMQzRS4yXRyJig1OHeHICpuWjDjE04XuGhakSChKk
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame EE9E
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENBL2IsQpqHNdpPvxu0AMpE&google_cver=1&google_push=AavPq0OyH_ksjBNq87pJMXfXsvi93Cj_RldW7gjQkr6ihHX3oL9k3U1w6KPdClsU60UCl2W0olKllqDGh6n...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OyH_ksjBNq87pJMXfXsvi93Cj_RldW7gjQkr6ihHX3oL9k3U1w6KPdClsU60UCl2W0olKllqDGh6nXf2pw8ZLURL_01iQO6ao&google_hm=7bz_eGXPRR6PmlC72...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OyH_ksjBNq87pJMXfXsvi93Cj_RldW7gjQkr6ihHX3oL9k3U1w6KPdClsU60UCl2W0olKllqDGh6nXf2pw8ZLURL_01iQO6ao&google_hm=7bz_eGXPRR6PmlC72vrroaU
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0OyH_ksjBNq87pJMXfXsvi93Cj_RldW7gjQkr6ihHX3oL9k3U1w6KPdClsU60UCl2W0olKllqDGh6nXf2pw8ZLURL_01iQO6ao&google_hm=7bz_eGXPRR6PmlC72vrroaU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EE9E
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MxdQLmyZTZOx6NwzeTKdHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MxdQLmyZTZOx6NwzeTKdHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0N_45-mnNA67_pUWVAixzjExCwZcYYLALxXrluQRUSniH5sLDe0MqN0qybnitfyhriW7D-ALCAf3ySDx_qHpQN34eNwNtuPCdQ
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MxdQLmyZTZOx6NwzeTKdHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0N_45-mnNA67_pUWVAixzjExCwZcYYLALxXrluQRUSniH5sLDe0MqN0qybnitfyhriW7D-ALCAf3ySDx_qHpQN34eNwNtuPCdQ
date
Mon, 23 Jan 2023 11:36:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame EE9E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBubmweoldLRh2vFkcYrRKY&google_cver=1&google_push=AavPq0NuiaOVVGU7yak5o6wlPWAECH4O4KDx9RI-Etxf3y8FoGofM794ordJOcCKvMuYpQaSUgV...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4UUdFRzgtMjUtMTE4Qg==&google_push=AavPq0NuiaOVVGU7yak5o6wlPWAECH4O4KDx9RI-Etxf3y8FoGofM794ordJOcCKvMuYpQaSUgVIKanaKL5NMYVFZN6gkA9MUvtu5og
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4UUdFRzgtMjUtMTE4Qg==&google_push=AavPq0NuiaOVVGU7yak5o6wlPWAECH4O4KDx9RI-Etxf3y8FoGofM794ordJOcCKvMuYpQaSUgVIKanaKL5NMYVFZN6gkA9MUvtu5og
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQ4UUdFRzgtMjUtMTE4Qg==&google_push=AavPq0NuiaOVVGU7yak5o6wlPWAECH4O4KDx9RI-Etxf3y8FoGofM794ordJOcCKvMuYpQaSUgVIKanaKL5NMYVFZN6gkA9MUvtu5og
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame EE9E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECx4Mr3l9jwgmXzB7hwu-JI&google_cver=1&google_push=AavPq0MHljkCmFfr4BhdAZcFqyvRvWqej4S2nFT9H5Si2ZZ5HGFxjZEHB42RgtCQy3FLkHppxwj1NxWKn5FZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MHljkCmFfr4BhdAZcFqyvRvWqej4S2nFT9H5Si2ZZ5HGFxjZEHB42RgtCQy3FLkHppxwj1NxWKn5FZHcrRSyFKZ3t6J_VOgQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MHljkCmFfr4BhdAZcFqyvRvWqej4S2nFT9H5Si2ZZ5HGFxjZEHB42RgtCQy3FLkHppxwj1NxWKn5FZHcrRSyFKZ3t6J_VOgQ
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MHljkCmFfr4BhdAZcFqyvRvWqej4S2nFT9H5Si2ZZ5HGFxjZEHB42RgtCQy3FLkHppxwj1NxWKn5FZHcrRSyFKZ3t6J_VOgQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame EE9E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0MIfN9moQeak4CsXbdusBu8bHaJKm0IvqFX2hTjE82rkG6VxlEU50NF7YnYNVzJaG_ph_3UCdS-omwXTpoArJlamByATb1JwvE&redir=https%3A%2F%2Fcm.g.do...
  • https://sync.targeting.unrulymedia.com/csync/RX-b48242d7-792d-4dd5-8680-7cbc73c32152-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0MIfN9moQeak4CsXbdus...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MIfN9moQeak4CsXbdusBu8bHaJKm0IvqFX2hTjE82rkG6VxlEU50NF7YnYNVzJaG_ph_3UCdS-omwXTpoArJlamByATb1JwvE&google_hm=A7SCQtd5LU3VhoB8vHPDIVI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MIfN9moQeak4CsXbdusBu8bHaJKm0IvqFX2hTjE82rkG6VxlEU50NF7YnYNVzJaG_ph_3UCdS-omwXTpoArJlamByATb1JwvE&google_hm=A7SCQtd5LU3VhoB8vHPDIVI
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0MIfN9moQeak4CsXbdusBu8bHaJKm0IvqFX2hTjE82rkG6VxlEU50NF7YnYNVzJaG_ph_3UCdS-omwXTpoArJlamByATb1JwvE&google_hm=A7SCQtd5LU3VhoB8vHPDIVI
date
Mon, 23 Jan 2023 11:36:21 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb48242d7792d4dd586807cbc73c32152003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame EE9E 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqbZsw0G5-zIDRHsYp1hGHiyzHJlCzjHHgTnm8Mb3MpVZP0NevLplTyXVtny8Iv-wfZ44U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
current
dclk-match.dotomi.com/match/bounce/ Frame E21F 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELQWr8SfqZ2eg5EKv0Dylug&google_cver=1&google_push=AavPq0Ox7HpLj5P0IsusczbkxZ-9-JDkSVfKJ0mm8i49zA0WKc7F5BOrlgaa70OQ8OMgLT94ezjq2kEBSRbH4QD2D7LyiiHzj0ZeFx8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame E21F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOWFjiDtcx2ME4QvUrQeOfc&google_cver=1&google_push=AavPq0OhKWxqMPwLIWthecsTjqKNxgBsp9jFMLxDzyZ3YtleNH45ldEK59YXlNEtLZ-iFoE8mz3OopsW0Epd8hxh16hw...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOWFjiDtcx2ME4QvUrQeOfc&google_cver=1&google_push=AavPq0OhKWxqMPwLIWthecsTjqKNxgBsp9jFMLxDzyZ3YtleNH45ldEK59YXlNEtLZ-iFoE8mz3OopsW0Epd8h...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OhKWxqMPwLIWthecsTjqKNxgBsp9jFMLxDzyZ3YtleNH45ldEK59YXlNEtLZ-iFoE8mz3OopsW0Epd8hxh16hw621J53QrRkg&google_hm=R-PlVrnBSNOY0IzLVoxe...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OhKWxqMPwLIWthecsTjqKNxgBsp9jFMLxDzyZ3YtleNH45ldEK59YXlNEtLZ-iFoE8mz3OopsW0Epd8hxh16hw621J53QrRkg&google_hm=R-PlVrnBSNOY0IzLVoxeng==
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OhKWxqMPwLIWthecsTjqKNxgBsp9jFMLxDzyZ3YtleNH45ldEK59YXlNEtLZ-iFoE8mz3OopsW0Epd8hxh16hw621J53QrRkg&google_hm=R-PlVrnBSNOY0IzLVoxeng==
date
Mon, 23 Jan 2023 11:36:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dds
rtb.openx.net/sync/ Frame E21F 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESED9lpC2H4-uQMoBMa9qp1PM&google_cver=1&google_push=AavPq0NnSJnpV65KPWNc3jinBAbvHcvPy_y79CBsuqzUTNMmWFAfvlu0ZkmFDFDEuDkUGRwkgw975GwOSULMnAe12osrHDyhGzE8Hg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:20 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
2mvpp9rffp1jlkol44icmcr5vmqp6q8f
pixel
cm.g.doubleclick.net/ Frame E21F
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEC3c89GY0regDw4gMFrgqNI&google_cver=1&google_push=AavPq0PAmuj9EvbTxiYBe3frtrf-ryDTmSX_7aatD4NaPhAzQipwO_3kKAa4Ld1y0KVC9DPOaPeFKeskDf8vJbDtXj9bTkwY29V...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0PAmuj9EvbTxiYBe3frtrf-ryDTmSX_7aatD4NaPhAzQipwO_3kKAa4Ld1y0KVC9DPOaPeFKeskDf8vJbDtXj9bTkwY29VC03o&google_hm=ZzU4MDAxOWQ5NGMzZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0PAmuj9EvbTxiYBe3frtrf-ryDTmSX_7aatD4NaPhAzQipwO_3kKAa4Ld1y0KVC9DPOaPeFKeskDf8vJbDtXj9bTkwY29VC03o&google_hm=ZzU4MDAxOWQ5NGMzZWY4YjE5MzQ=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0PAmuj9EvbTxiYBe3frtrf-ryDTmSX_7aatD4NaPhAzQipwO_3kKAa4Ld1y0KVC9DPOaPeFKeskDf8vJbDtXj9bTkwY29VC03o&google_hm=ZzU4MDAxOWQ5NGMzZWY4YjE5MzQ=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame E21F
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEBUU326is6nbCrZWhOA92aw&google_cver=1&google_push=AavPq0OGzPdUhmI2pL80ROxnlhul_0rjZKF9_JHjyOI1F-v6aIgNxZjgexb1vSV6O0FayZ5XbfCwXxqMR6dIEXfW63uJHf...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBUU326is6nbCrZWhOA92aw&google_cver=1&google_push=AavPq0OGzPdUhmI2pL80ROxnlhul_0rjZKF9_JHjyOI1F-v6aIgNxZjgexb1vSV6O0FayZ5XbfCwXxqMR6dIEXfW...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PJODCgPnRAKezw9V-WKUTQ&google_push=AavPq0OGzPdUhmI2pL80ROxnlhul_0rjZKF9_JHjyOI1F-v6aIgNxZjgexb1vSV6O0FayZ5XbfCwXxqMR6dIEXf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PJODCgPnRAKezw9V-WKUTQ&google_push=AavPq0OGzPdUhmI2pL80ROxnlhul_0rjZKF9_JHjyOI1F-v6aIgNxZjgexb1vSV6O0FayZ5XbfCwXxqMR6dIEXfW63uJHfvg3Sfh-yc
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PJODCgPnRAKezw9V-WKUTQ&google_push=AavPq0OGzPdUhmI2pL80ROxnlhul_0rjZKF9_JHjyOI1F-v6aIgNxZjgexb1vSV6O0FayZ5XbfCwXxqMR6dIEXfW63uJHfvg3Sfh-yc
access-control-allow-origin
*
date
Mon, 23 Jan 2023 11:36:21 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame E21F
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEJO8EtTEWSeNXU-LblHLbuU&google_cver=1&google_push=AavPq0MzvvcEfy4dmo0qJBHu_qAXgVmJN5SBkvVqEJmwFUqh0nw8LVdnZAJiCImMBfo8ET-kkbSGMQNYtcvAq8lZIyWwqfhNz...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE3NDc1MzgxODM5NzM3MDAwMFYxMA%3d%3d&mn_hm=MzE3NDc1MzgxODM5NzM3MDAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0MzvvcEfy4dmo0qJBHu_qAXgVm...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE3NDc1MzgxODM5NzM3MDAwMFYxMA%3d%3d&mn_hm=MzE3NDc1MzgxODM5NzM3MDAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0MzvvcEfy4dmo0qJBHu_qAXgVmJN5SBkvVqEJmwFUqh0nw8LVdnZAJiCImMBfo8ET-kkbSGMQNYtcvAq8lZIyWwqfhNzRv9znI&gdpr=&gdpr_consent=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 11:36:21 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE3NDc1MzgxODM5NzM3MDAwMFYxMA%3d%3d&mn_hm=MzE3NDc1MzgxODM5NzM3MDAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0MzvvcEfy4dmo0qJBHu_qAXgVmJN5SBkvVqEJmwFUqh0nw8LVdnZAJiCImMBfo8ET-kkbSGMQNYtcvAq8lZIyWwqfhNzRv9znI&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 23 Jan 2023 11:36:21 GMT
pixel
cm.g.doubleclick.net/ Frame E21F
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBGijt2Gd...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBG...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=47e3e556-b9c1-48d3-98d0-8ccb568c5e9e&%%GOOGLE_PUSH_PAIR%%
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=47e3e556-b9c1-48d3-98d0-8ccb568c5e9e&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=47e3e556-b9c1-48d3-98d0-8ccb568c5e9e&%%GOOGLE_PUSH_PAIR%%
date
Mon, 23 Jan 2023 11:36:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame E21F 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3m0PAWsZTeIqO-w__S8QIWUwr11I3VSmDvILE8Uf32Xnh0d9s53GfENfhzjAxuuyGgSan2w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 6B7E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230118&jk=3853091257772320&rc=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2DE9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230118&jk=3315224857906237&rc=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 02CD 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 0A27 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778487&bpp=6&bdt=1195&idt=528&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1074429281&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2609&biw=1600&bih=1200&isw=300&ish=250&ifk=2025311624&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44779793&oid=2&pvsid=3433357123333383&tmod=822283858&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.sxkrvsofq1if&btvi=2&fsb=1&dtd=692
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame BC35 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186306&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778341&bpp=3&bdt=1117&idt=627&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=1490278158&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1684&biw=1600&bih=1200&isw=300&ish=250&ifk=858287017&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44774292%2C44779794&oid=2&pvsid=3853091257772320&tmod=1247563705&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.s8kstpwl2ll0&btvi=2&fsb=1&dtd=747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 426A 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 65BD 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
l
www.google.com/ads/measurement/ Frame 7D03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGs9pbSBvzm9UqI2oy_MtOUMpb6WJwcl7oiGf2CDjvRcfzwuiZfTbpLi0d-1hVjnGLczymEnDTkvmDugNysMFkawePfw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D03 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:21 GMT
truncated
/ Frame 7D03 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8384ee82bd6e7a93cd65225d3fca5aa6b18e812dc7ccca0fc49d94c982e4ca86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C47 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:21:10 GMT
expires
Tue, 23 Jan 2024 11:21:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3ACF 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f85bb4cd78058f61d75c245a35dc84d7c1867aae5e90fb910bfb0eb0ec82d782
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-97YRkSLiCJo_-2T1LQv9Ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-97YRkSLiCJo_-2T1LQv9Ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:21 GMT
expires
Mon, 23 Jan 2023 11:36:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ Frame CCE6 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 11:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 10:58:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Jan 2023 11:36:21 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame CCE6 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
11136232885258361822
tpc.googlesyndication.com/simgad/ Frame 271A 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11136232885258361822?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkbNpIfbBzSVhtBecu9R7kPxQfCvQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c30ebef8622781f744afe92f1d1cc8678eede9f0dc43a2abdfb351474659f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 18:50:27 GMT
x-content-type-options
nosniff
age
405954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59271
x-xss-protection
0
last-modified
Sat, 18 Sep 2021 08:24:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 18 Jan 2024 18:50:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 271A 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11900
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 271A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 11:19:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 271A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
11900
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:18:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 271A 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:21 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 271A 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8651a1012bb35c2683162251b75438c3710bb12cf07288ef9322c271c44826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 17:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
66469
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13507
x-xss-protection
0
server
cafe
etag
2920471824528828230
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Feb 2023 17:08:32 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 271A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CiOy2NHHOY6egIsCS78EP4_SV2A3k7a3gbYrWk4fjDtvZHhABIN6InytgleKQgqAHoAHnn9O3AsgBAqgDAcgDyQSqBPoBT9BWKxxhxpqqieHJpuY7Hnxx8rh90oy3KUwvdf-glyxvZlCtUKrIHdczIPgmVymlP9jwQOyj5F3svndl7X9KPWa_0Br2zghnjMPggi7tzcA2RuxZlKjSSNXwA7OY-KkhwCaiTJfcG7PoPmXRHz93v70thy1Kd9YbNEtpHYyHmZESClzde3jcFPX4dj26j74dtd9U5nqqDv1nf9-31xLzUUsdQ4Gx8o0gXxx6FMxVnraAYV5ZeRFJsDrmhuwtl49hhQtcvfBtWhPKjYEzwr8fQIhTH7CWObutwZ2V9jTSjjwZprLu6qiDSX4x_ZtbVK6AzCRpq6IUdVGkq8AE9Kqm8voDkgUECAQYAZIFBAgFGASgBgKAB63t98gBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQq-UF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMjUwMDY4MDg5MTYyMTcwMhgA&sigh=laS9ugjkxGU&uach_m=[UACH]&cid=CAQSKQDq26N9vfbfX8lqjN-yoNdgH7PdGB9nIUVJ5i19S67HerwsocAAIA5gGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 23 Jan 2023 11:36:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
16037908009176458854
tpc.googlesyndication.com/simgad/ Frame CCE6 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16037908009176458854
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a07bdf966e62dfadecb403a3eabc81af7ce9f01c8420fa47e3968eedd77a6e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 10:06:11 GMT
x-content-type-options
nosniff
age
437410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90145
x-xss-protection
0
last-modified
Tue, 28 Jul 2020 07:00:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 18 Jan 2024 10:06:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CCE6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 19:42:15 GMT
x-content-type-options
nosniff
age
316446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 19:42:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0206 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13140
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 07:57:21 GMT
etag
48472445140208031
expires
Tue, 24 Jan 2023 07:57:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 271A 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
321e79473f5f2f05225c7e194da84d69a8bc20ef64f19fe9c87d7cd15b0133ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CCE6 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 16:44:52 GMT
x-content-type-options
nosniff
age
586289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 16:44:52 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CCE6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 20:40:44 GMT
x-content-type-options
nosniff
age
226537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jan 2024 20:40:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3ACF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230118&jk=3526288478051640&rc=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 5C47 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
dpixel
cms.quantserve.com/ Frame 0206 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOh8GDuESxGvH49v4S53byU&google_cver=1&google_push=AavPq0OlAkLWBuK-KUYhZY2jN21wGAx28KWjpjPuidaTwQxCrMTWpfVLwFIB9o0dgty-jSGupJNPG7An6SXO6argn41PXGAcb4KcHds
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0206
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG_ZnjmfLhZiz9Jh6s6d9xE&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG_ZnjmfLhZiz9Jh6s6d9xE&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S2E0SURSeFMxUGpWN0Q1&google_gid=CAESEG_ZnjmfLhZiz9Jh6s6d9xE&google_cver=1&google_push=AavPq0MjvQ428sGjt2gEsZrfyEAPg_TCUU7Y5qIzPcopwUM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S2E0SURSeFMxUGpWN0Q1&google_gid=CAESEG_ZnjmfLhZiz9Jh6s6d9xE&google_cver=1&google_push=AavPq0MjvQ428sGjt2gEsZrfyEAPg_TCUU7Y5qIzPcopwUMU_sdVesWmNv1TXR_26AwLfks2AMQ3HicsCfQEHF202olyVoiBxG4iygE
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 11:36:21 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0616fc39f147daae8@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=S2E0SURSeFMxUGpWN0Q1&google_gid=CAESEG_ZnjmfLhZiz9Jh6s6d9xE&google_cver=1&google_push=AavPq0MjvQ428sGjt2gEsZrfyEAPg_TCUU7Y5qIzPcopwUMU_sdVesWmNv1TXR_26AwLfks2AMQ3HicsCfQEHF202olyVoiBxG4iygE
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0206
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEG6T56T6IpYwiqtinOL2f6Q&google_cver=1&google_push=AavPq0PVXLWjBi35ctZ6ZYtU5nQPONPZ4a5o3y6uvUMA268YQjjG-fpapLSUYm2FWybjOoQ9cgbBJYXWw6UxdzQD5pNhTyanajefCg
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=23C9ED2999A94265B03679AC42E78E13&google_push=AavPq0PVXLWjBi35ctZ6ZYtU5nQPONPZ4a5o3y6uvUMA268YQjjG-fpapLSUYm2FWybjOoQ9cgbBJYXWw6UxdzQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=23C9ED2999A94265B03679AC42E78E13&google_push=AavPq0PVXLWjBi35ctZ6ZYtU5nQPONPZ4a5o3y6uvUMA268YQjjG-fpapLSUYm2FWybjOoQ9cgbBJYXWw6UxdzQD5pNhTyanajefCg
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 11:36:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=23C9ED2999A94265B03679AC42E78E13&google_push=AavPq0PVXLWjBi35ctZ6ZYtU5nQPONPZ4a5o3y6uvUMA268YQjjG-fpapLSUYm2FWybjOoQ9cgbBJYXWw6UxdzQD5pNhTyanajefCg
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 22 Jan 2023 11:36:21 GMT
google
match.adsrvr.org/track/cmf/ Frame 0206 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGEMPA_n-TONFS8ThrPo0UQ&google_cver=1&google_push=AavPq0N0ewgl8t3Zuu4lP6eyouRcfCpgClb4N8D9YNtuZuWUhrGgr_elG-NSH86XBplcfcb8tjg9F-arUXi2sffaE1SkR6XV15jGFZE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0206
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEL0umSLdjD4QQs8Hs3iYZPE&google_cver=1&google_push=AavPq0MHtENfT_klrD61XkyXKTRBL5ba-o3Kl8lbq63w7CaVFMc2Wy4KMjwGq30oDly-h1f67XdsINKfIhhTh9...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MTgxMDEyNzQyNzIwNTI1OQ%3D%3D&google_push=AavPq0MHtENfT_klrD61XkyXKTRBL5ba-o3Kl8lbq63w7CaVFMc2Wy4KMjwGq30oDly-h1f67XdsINKfIhhTh9v8qU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MTgxMDEyNzQyNzIwNTI1OQ%3D%3D&google_push=AavPq0MHtENfT_klrD61XkyXKTRBL5ba-o3Kl8lbq63w7CaVFMc2Wy4KMjwGq30oDly-h1f67XdsINKfIhhTh9v8qUtIkx_GsKovQOM
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MTgxMDEyNzQyNzIwNTI1OQ%3D%3D&google_push=AavPq0MHtENfT_klrD61XkyXKTRBL5ba-o3Kl8lbq63w7CaVFMc2Wy4KMjwGq30oDly-h1f67XdsINKfIhhTh9v8qUtIkx_GsKovQOM
Date
Mon, 23 Jan 2023 11:36:21 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 0206
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOWFjiDtcx2ME4QvUrQeOfc&google_cver=1&google_push=AavPq0NFFbNvA9IWIwuEHymKwEvRtin3jMcKpslLA6znH-AiyMSGCVJpRtLGHIUY2zSv_TX2XrCO8cvMR-xWRXkDp_1D...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=47e3e556-b9c1-48d3-98d0-8ccb568c5e9e
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=47e3e556-b9c1-48d3-98d0-8ccb568c5e9e
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=a29bb37c-bc1b-4702-b439-549ca01286c9&ssp=google&expires=30&user_group=5&bsw_param=47e3e556-b9c1-48d3-98d0-8ccb568c5e9e
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NFFbNvA9IWIwuEHymKwEvRtin3jMcKpslLA6znH-AiyMSGCVJpRtLGHIUY2zSv_TX2XrCO8cvMR-xWRXkDp_1DO-dNTf9Y58w&google_hm=R-PlVrnBSNOY0IzLVoxe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NFFbNvA9IWIwuEHymKwEvRtin3jMcKpslLA6znH-AiyMSGCVJpRtLGHIUY2zSv_TX2XrCO8cvMR-xWRXkDp_1DO-dNTf9Y58w&google_hm=R-PlVrnBSNOY0IzLVoxeng==
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0NFFbNvA9IWIwuEHymKwEvRtin3jMcKpslLA6znH-AiyMSGCVJpRtLGHIUY2zSv_TX2XrCO8cvMR-xWRXkDp_1DO-dNTf9Y58w&google_hm=R-PlVrnBSNOY0IzLVoxeng==
date
Mon, 23 Jan 2023 11:36:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0206
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEAKB2NrkrX7bZ34H1KzNlM8&google_cver=1&google_push=AavPq0PbFvJEs3hR_LLQioYnm_nzDtVE0g8lVwPR4SXi0MUesPkQ8waNFyEuUGl0RhQBMNixWMsD2wQV0dX1t71MPVKLFxr...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAKB2NrkrX7bZ34H1KzNlM8&google_cver=1&google_push=AavPq0PbFvJEs3hR_LLQioYnm_nzDtVE0g8lVwPR4SXi0MUesPkQ8waNFyEuUGl0RhQBMNixWMsD2wQV0dX1t71MPVKLF...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0PbFvJEs3hR_LLQioYnm_nzDtVE0g8lVwPR4SXi0MUesPkQ8waNFyEuUGl0RhQBMNixWMsD2wQV0dX1t71MPVKLFxrYL8n04cs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0PbFvJEs3hR_LLQioYnm_nzDtVE0g8lVwPR4SXi0MUesPkQ8waNFyEuUGl0RhQBMNixWMsD2wQV0dX1t71MPVKLFxrYL8n04cs
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0PbFvJEs3hR_LLQioYnm_nzDtVE0g8lVwPR4SXi0MUesPkQ8waNFyEuUGl0RhQBMNixWMsD2wQV0dX1t71MPVKLFxrYL8n04cs
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 0206 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0boFh8Gr2YYGZatjLOmaD6KLzbkDTg849IbMq02GBMXvxLKqz26PS47QzaXDiBgFMEfcS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1c38045dd67dd63d11e6d8b94d68485701cdfaba41e2aec5ff49fc70c02475b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10942
x-xss-protection
0
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 5158 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189474&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473779149&bpp=2&bdt=695&idt=1223&shv=r20230118&mjsv=m202301040101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1879458723352&frm=24&ife=3&pv=1&ga_vid=2127825850.1674473781&ga_sid=1674473781&ga_hid=48854750&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3824908445&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44773809%2C31071641%2C21065725&oid=2&pvsid=3526288478051640&tmod=624967619&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.2lhdd9r4re6x&fsb=1&dtd=1367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 11:36:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4710 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:21:10 GMT
expires
Tue, 23 Jan 2024 11:21:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E732 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
48d304d71061563fea61e3c4737adf0d174ec48f74c6a4c22e8ac5c34843b8aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--5gNuR0IVIUCXbnX07ye8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce--5gNuR0IVIUCXbnX07ye8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 11:36:21 GMT
expires
Mon, 23 Jan 2023 11:36:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 4710 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E732 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011101&jk=3316763044018593&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8F7E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230118&jk=3433357123333383&bg=!oqGloeXNAAYDMoyoIzI7ACkAdvg8WjpXBViyZyBbcPKUOi5yXwSR6ZrbJts_XwC3RTeMcBPGH5lzSQIAAAH0UgAAAAJoAQeZArjJTETfjHr2NsusRGyLSEZu9a28WV4IlZurqKen3NzaO1OJTijhv5C5S1nzPjHgICRsTnQZAT7ETkn80YBGDOWpA9AObVodbP0oNth7B3o9qF59cAKsRInpS2SfcxyjS7Ahbq3oK5-HyTN2W65v9D6f54cdEMXkH74UhPXdJdhiy7hUhsm5ziYjiOypsM-vGQsn062ziWCEAXTRCy2IUWMaPpGd7G6NHjasmEmp0IBFMll5_-xJ9Ftjg7cyv99qJZbxZGfHRm5rkMjQ55A8tzpb8m6WMk04-Lkzj_xYIvwyqZyw0jHXjIf5Mau4eZLwDKa884toNfX8I07H8rN4ck3Vrl3eLc5eYCwwz5YcF2XJzugMU09QwMqOo-lAlKEk8Wlh6kNeCFaMVIL0OfaBcwIcZDZh9RCAgxtOtGcmvPXdkVA1R_4NG2LyXTmfT7CaYFgzY6Q_qdD1cKP6O-k44BFa5GjkhMjC-_sFA18VAmQ3rxdxsdorJUx_QdKgqYgPG3Fe2mxzZuq7P99DgIyyZwhg5xm7kenpMzUr5jiTE2Mpdchd2GnyTXZhKgqeN1zk57eXe1IRskocmf4mJupAMs8k7GwgWFjX_2yvWaO4-CkQM9itAHta-VMHod-cdthu0Gd_u0lOCNefh1Pt3c-eeaUkun8tTb9qnN1MBB-m9dllpcHcfsIiGxwa4ESbpBv6mB5b59zogFMCsIoCdHi0Q5ovb4uPleIEmk1AYddHSnb3TL3rLSU3wR84_hBHKPJyoaXeiis823s070V2vgcCHAepujzEQgnGabS3F9u04tILCRZ9XTi6AVGok38RF2-pcUpcgkk0dLVifOatHUSA6f45ZzskdZgl16SYXHS0BzcBT7cWSbvMqxXdt0UvO3At7F5Qtt6TfAUWlTJJDbupfg6eltFphymHIOE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2B68 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230118&jk=3853091257772320&bg=!CgmlCU3NAAYDMoyoIzI7ACkAdvg8WuizW100fZn8RTHlW-V1e3FQzq4OjHJuUgPYVWIbZFCEAq4AUwIAAAFwUgAAAANoAQeZAs9ov5jUdx_78Ihmx3Wj5WYNVEomXInlSrd9zcELKEIXawAfAGDwsoBZmDquVfpMUZ_ruXUuEslAXCOMkoRXwFtL599UJJxiKwygKfQX4any4NsK2jrZtfgNrDkw3dK7Ud5sfEGGpkZ39kK9GIM5kVzZSD8UVJp89Qllwo-T7YSmQrRwYLaeRad5DoAvSJJKtYIi6WuueIHn_2MZehxUCQ22XSMaGSjwOLjR9zuZSoOLwQW_tPF8h6NE1HzADDbAIbADFcD-fzH-O5xtmlfZeXy8refWARmW64UvEMq3tTfJ1t-eGvQbjpMo8m5Pwy_O1abGz9fY1RYwtcAjayTNt_hJH9T5jt7x_xQuEhKGHvaDmabBkjnNhQc5oaLkCB1CWIMJ6O1tJw6WiMtNjYzFm-9Iiuz1YXsZOu6XJWi_qjvKoO6BqgbASoVpdIBVsbC-2394TBBN37S0xqFsBPsGOdOCZR2e8K6UM3LV_iwTiGJn0myXvWvJdlcNVwOrM9z32L5ZHf8OuhmJ1NoDv_SUwSfP1Nz5B8tvGVUjNs9QcFYgyyFZFgYgxepgoENosp7m-rNe75tGifjK8J-QqgWkxNaatY5iVrvxWfeHYjUg4B_cEOE2omEWLG_ynddNAA1v0RQD2jagFGgs3K8qT41dpBoTdnN3X4FWLr1cpEKM0z-rYz93Uw73RCMOSmWpzHuwTUPdUApu6dXVY29SyI8LdSK1-r8BTqKarNj8k09s7ZEM2_v3pJGaMeEaS6t-ZEfe-KruR95eyqb-dksvdYwQ2iG3zRFIjB7yb9FV59sQSBuOobAM0KAXSe8uxRQogvhAPZstGC-OB1q0NCQn1O_KYZNgAZv9JwiC3KxXr0X90i0vcNQjLSgxueXtJVkqpVnU7E2jk4O6-JjOYRTINPeRMQ-BCWw4N8ByO6cFW9UQro5JodQ-RGR86wYEKacDtQb44A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D0AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230118&jk=3315224857906237&bg=!dHeldzPNAAYDMoyoIzI7ACkAdvg8WuhcgqV-3kEMPQJ1r1frqT0C8XPrBJs-sAFeEYxsg9aEy-7n-gIAAAF0UgAAAAJoAQeZAtUMUZV7nAe4eM-5F3-uAvrFe-SONtjkbWI3vLS1gjVDvNVmbkviviWTWXIQmUd1Adgd2SHJgwDqS92XnTRD7WjztSwB_TLjt1rBytxBCn0aMJwDlnv89LNq-42jbqEOsaLJgHJud1sra7DGSEZEI-Pen5VRLjbqC1z9RzJBYMk_-ivh3f06y28IMsZOK0vdl3d2XTR2BVFEzMAHZSHTa8nb9N3JCGmpHLXs13e0MYyQLjSsmzq7aqpZK6_5LrM_yx-w3hDJeYa4hXmtRLCo7YhbWO1_454tfPNtk9PhfcyT585XUvWLisSaxdQ8p9u7MMchCGPc414fsm6oTMH9Inflh2s3JQY4uDAQAgsdkGNRtmuZ7Y6AjsOU7Ljt8BvseKcqL0jxI9u2UwdSioBhUACDxkvS_dKcJkNOEkDCkN38fR_vLGaCuaINvOpNXnTWeOFMLXgIOb93B1bTzPqstd96hB5CPLPr5U62WgixA9VOA8w4N1y2x5JfGKSXJ9duFrq5WVHt8CLs5asqImzWXezaNXTKjAOYgjHQqonEcoT1ttnMaGuaTvzyxXMQfnQiWfFr2xbg3YyBzqdyuj2qPll2jkdVn46Hwyzo1Va-hoTBfQKgHujxpPYrl3l0nWIOycpQhLiXg0tqhG6Jcc03iqEe4AeEpbjfuJNYZ4zE6dqpOXW3x2BPgGNWr5WmoAlWFXl8RIvMVSlAXWODyWWyoG-oIFMNJALBZUCjt0edKTII__L7NOPK7U8EGVvVInjFfe_jyVFF8TQ3OC2ZP7phGbNWAO-DJAG9u3e_nRup9aYwlBE-XXT_lYT7hzYb_MA173mB9gDDLKTI8Coaggej5HnWCpQ3g5QSWM3YWQTqSF713DJMKT3vi-6_oXG50SM9PDIxXmABnSoZqD9w2Yyue9Tu4VOTTEf1McWvvVx6Q1yGAKi45HJGqQO0hjXzCUGrJu-HIpUguQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2F49 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230118&jk=3526288478051640&bg=!ubqluv7NAAYDMoyoIzI7ACkAdvg8WnqrkFdfpR5aP_7Pgf2jARpRHf7emKPZDTEKAcdYp973RzPKZQIAAAC_UgAAAAJoAQcKAAEAmQLv8bAfbQ0EEy7h-3zNJV7l-H1eNr5WgAbSX2GA1BQbs4BhHWHye73wjNtmUJj64dhk0IfiPAHHjN1iNxfbQmEtQtHZ4t1se0D8sWcXNhTUUyyYv8Oh4E3RuLY0Hz2cip0nHqOqJI24jRxDtIrbIdIh62OcP1FgsJdW-Sw0LHxQYEWyoqSy2XPdDkWiZOj4UrMpVlSXMtLboBfpdhmUiZw6oZU2cYtYBaeVlj9jZ2ZTLRcsDX7O7rbvh6QJ3TS8XMHLELIv1suPDT4DoQjR0DAnmvyXMk-IMGbNeFpJnOoD0PuTXuZoVrs9FbhHQHfsBprG9XxwR0XQi8Zw8d54h4BK2Olux-HzUoD9i5v5_jH_v84hvHelBo-DFtSiqmIeSRCZw6QG6ZcJ5ctsm5csu-qzBWgQxl-xd_t9bGiwl7tLU9VG9e146e9YarnouNNHH29o7Q0s6Qq9fWxYYwIly4fajvXLiGvVk0IVYefV4nrlEDpfprpIXCZzzvV8Ztt6KRNAfe6v__9JEt9XUceCRy_qbztp0M7exdwMRq9TSwNB2rs6Qh2mJpwNxCmNwgiihmyjdV1HrjqKvXWRaU4bVpZDVI3YU7SIuARZVD3LHkb5Jg-zyZKTQBdlsmr1KZxZVznyEmGxDTlHTxeNmqZj8abEH6bmY2XhgjvPjFr-MIeT_C5-pK7HTqCpyM2-FMt_OWejLDo4zzGJbOF_hJiErQMKDg9yl3u8LoiC1BtdKH37FvI6M8q5Lmkq5FA_jUeVYWmyhxeyOBJ_bRPaUh5XQSnYQPSc9soHrjcIkIEq-es62ieBwzgtO9Yqg9OT4A2pWznafq6EiLY8Oojh8ajvoAXPqlHG80iDaPmEeC5449hxBgtJIAIELR5c7cTUsvtSJXaVirx1-gq_wJo9aIsd6_ygslO8tClpFNv7S2vy5_RghCIJs_XQicDG5KJ26vK29zcj6-i3u4JGP8d4HeLxVrD32iL8fF7XI2UxOCAmlp83iQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011101&jk=3316763044018593&bg=!tbaltvLNAAYDMoyoIzI7ACkAdvg8WqubMg3hLXYyaKm7F7je4UfZsr4rpmYgRvL-6IW-MwbNp3q4KwIAAABfUgAAAANoAQcKAOJKD5riPLaPTD_6rBdgmSuY15ydZtyVkmgjvvzr0NIVFnVuH2PE4gBuWzrhxgKJF2DPZd3EFIGHt1fYu8zrbWHVGtnXy-gv1dcgS6aXSsgUg7nM-sqGU-a5LgOPnBJ3TWuXNRu2FsR_wFbFQt9ddFbcau4ftN96arpk-j_5dpTYYVv3FXWeLOVac6mwb-XVlTGw166nej6LTCq9UNb3OPVQTo3exU8YWlQR5b-EqsnFT4NmpueEtUCZQeY0Jhu4ZTSfdTw5TJaksvT5m1sE2pgiz5YUrdioxFtMkrtx1WBRTmjzmQKvlaeqHpABQih1KM_DECdXpntakXBmmpK9PDB31D7ShZfubPHlGJcy47QlYioVQYAfCyQOv4VtRHqOfaEVOjpIUdb85xFnIQgEHKldAbdYNzA2RYQGG055UHVD5czBRUYAKcxgG_2prX3QCuapxtarD1wEkXx6gBNl5Hff-LOxoImqt4AUZcCmQ20ZRHC9AnlsCiS0z1G2f_TWeSz1SlHBtbIGRnbFoC8ivQFwe1LK27TDcUA-dYnO64zHDjqTJA2oLFP34WUfB8BfEzzWalgXQ6srLZtsZIrwwVQ7jtbEBKwxEslU0QS4MC15TvEBJ-YhB8ckVfub5f0jRh9gdLJu6oF_26FO8PNw2PR64F3sFZDgOLTaca32s7etTVGPPNTCUqWWzXoq-a_5eTeSyUUYrLZ6_q4V0bkvqNGmkZ3r2oXikNeO9WZ6U8kaNuR0E1sXlMJBhJMq8MQ5Zswg_gMQdJvVqaSVczrbDH49pZHDhaZ1_eVBwRUw12gtxoF1SKsWVPF9RCHDAAIERIaN7s4-321xWVoq-SCvyLRtEP7fn5JOYCKBeM_QJQE6g85O9pLgNSyAmNPuC6fF6aH9mzGy4flPPRh97I9GItFkFnCjdEtuukGXrGdzBIPGoh-J1cHotcUDlSp6VnKJT58crpPoBNJjThS0kiGy8yz7KloTzzflgx2zf9S6-3JjWGDLzgp2CGCwBJWeoc3lKbRsv7n8xWe8cAc3aCvdgcMMJl9--LNXK_NwbIAkQTQTtQiSUhsjZBDWGpWCimT5FhGrB19yK8iW3Ui65zPWSSc0LAIFfzyZhPLgcnsPXCagMFnIpo0SbtM2a74yXe7G3mCuPgqN89DtMksXrFO0v-yB8eT25kGOPjmEbSKvhPCVaDBWMT622cMKS7F70MlWxFdflHq9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaU5eO9glVteZmLADGUchOcPZfVS-YzBtnqCDMMOJW-4N7P5mtQOPoixwn_mjdse8VM3mPVlfU4Tk5mACeYDbcLHA&sig=Cg0ArKJSzDYdVCQXCq67EAE&id=lidartos&mcvt=0&p=3580,333,3980,913&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=109319723&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1674473775768&rpt=506&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&spb=0

Verdicts & Comments Add Verdict or Comment

274 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| oncontentvisibilityautostatechange object| _wpemojiSettings object| twemoji object| wp object| wpnmObject object| FOOBOX function| gtag object| dataLayer string| REFRESH_KEY string| REFRESH_VALUE object| apstag object| googletag object| _sf_async_config number| chks number| chkc object| chkin object| chkra function| validatemsisdn function| validatecategory function| validatefreq function| check_data object| VUUKLE_CONFIG function| clswindow function| setCookie function| getCookie undefined| url function| w3tc_load_js function| watch_vid string| animation undefined| herog number| w3tc_lazyload object| lazyLoadOptions object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| wpp_params object| WordPressPopularPosts object| _cbm object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater boolean| apstagLOADED function| $lvpl function| vuukleLogin function| newVuukleWidgets object| webpackChunk function| changeVuukleWidgetsTheme number| VUUKLE_PLATFORM function| removeVuukleWidgets function| generateVuukleAds function| vuukleAuthUser object| _rmxd function| $ function| jQuery object| _vuukleGeo function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| ggeac object| google_tag_data object| google_js_reporting_queue object| FooBox object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga function| vuukleLoader object| vuuklehbChunk object| vuuklehb object| _pbjsGlobals object| vuukleConsole object| vuukleSlots boolean| _VuukleDebug object| vuuklePlayerComponent number| vuukleLoaded function| getLoadVuukleSettings function| setImmediate function| clearImmediate object| ID5 object| _vuukleConfig object| __ctcg_65349_0_exec function| isInViewport function| lazyLoad function| cleanLazy function| loadMore number| ld function| LoadComments function| registerListener function| scroller function| requestPage function| horseShoearc function| fill_parliamentary_seats function| rectangulardisplay function| Glider object| bootstrap undefined| google_measure_js_timing object| gaplugins object| gaData object| confiant number| _nonPersonalizedAds object| default_ContributorServingResponseClientJs object| __googlefc object| googlefc string| __fcInvoked string| __fcexpdef string| OTNlOTkwNjBmNTNlOGNhN2xvYWRlcl9qcw== string| OTNlOTkwNjBmNTNlOGNhN2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| pbjs object| signal_decrypted object| regeneratorRuntime object| ox_esp object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589__ function| sync16589_Y function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_3 function| sync16589_8 function| sync16589_ua function| sync16589_4 function| sync16589_6 function| sync16589_va function| sync16589_wa function| sync16589_9 function| sync16589_7 function| sync16589_5 function| sync16589_xa function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_$ function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_134 object| Criteo object| Criteo_identitytag_134 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| 92837dc8-db4e-400d-beec-0a8bc5c23a32 number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| GoogleGcLKhOms object| google_image_requests

46 Cookies

Domain/Path Name / Value
.myjoyonline.com/ Name: _cb
Value: F6sa_DUPE0MBLqUIP
.myjoyonline.com/ Name: _chartbeat2
Value: .1674473774081.1674473774081.1.Dt9mh6B-b7sbDDlqFmBhcFnNChH1Aq.1
.myjoyonline.com/ Name: _cb_svref
Value: null
www.myjoyonline.com/ Name: w3tc_referrer
Value: https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F
.myjoyonline.com/ Name: _ga_VVPMTF49Z0
Value: GS1.1.1674473774.1.0.1674473775.0.0.0
.myjoyonline.com/ Name: _ga
Value: GA1.2.1501366706.1674473774
.myjoyonline.com/ Name: _gid
Value: GA1.2.1980510038.1674473775
.myjoyonline.com/ Name: _gat_gtag_UA_76317721_1
Value: 1
www.myjoyonline.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.myjoyonline.com/ Name: __gpi
Value: UID=00000bc9510df5ef:T=1674473775:RT=1674473775:S=ALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g
.doubleclick.net/ Name: IDE
Value: AHWqTUkImLWaYcYZnC43tICnvktNfpGW6lOUOMcFvaMa3JT_aV8f5Xawvm9duNVAbpM
.criteo.com/ Name: uid
Value: 58c74244-0993-4e3f-8c2f-7c5587fc7066
.openx.net/ Name: i
Value: 43db77c0-7813-4bfd-977a-7aaf9fe2dab4|1674473776
m.exactag.com/ Name: exactag_new_gk
Value: 7a345910e01d4ffc91d2dfd62ed94912%7c24.03.2023+11%3a36%3a15
m.exactag.com/ Name: exactag_new_uk
Value: 4b2726a486aa41ada1e0736fa1008081%7c
m.exactag.com/ Name: session_session
Value: a6b8bc1af080466bb60cef60
.myjoyonline.com/ Name: cto_bundle
Value: uBZgSF9EVUVuQmg2OFo4VUw5OTRnREVRUVRaV1lLY2JDckZIMTVUM2FiQjl4VEd4UGUzN3BQWGVtYTZMRmlHUmpCY2d4M2FaRXhpTmFSWkk4emVaeWhTYnV5cHZWJTJGWFVyemhYQmxPTUhwU3o1T3ZFZSUyRkpjQmhwNEZTMFJ3OWlQdG5UVlNlZDlDOGhnUjdwYXhnM1YlMkJQMzV0JTJCdyUzRCUzRA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.myjoyonline.com/ Name: FCNEC
Value: %5B%5B%22AKsRol85zvQSmbLfu50pG-VEjyCKqmZxoP7dX6ZTD1zROe2cm3c8VLdipwuO77GIrP7EUe9wqmvxESus-YHW0AoNm8w7-d0HmieJOh7L-GmcC_L2Pty8EBamRIAYNvNozdXW7-ukeK1vaW-TfXyZ83PtLFncOsZkZA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.myjoyonline.com/ Name: __gads
Value: ID=087ee17237812830-220721915edb0075:T=1674473775:RT=1674473779:S=ALNI_MbFy8tkCxPfyX4Qw7HGmoNtIzNtMQ
.bidswitch.net/ Name: c
Value: 1674473781
.bidswitch.net/ Name: tuuid_lu
Value: 1674473781
.bidswitch.net/ Name: tuuid
Value: 47e3e556-b9c1-48d3-98d0-8ccb568c5e9e
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.media.net/ Name: visitor-id
Value: 3174753818397370000V10
.media.net/ Name: data-g
Value: CAESEJO8EtTEWSeNXU-LblHLbuU~~3
.ctnsnet.com/ Name: cid_edbcff7865cf451e8f9a50bbdafaeba1
Value: 1
.ctnsnet.com/ Name: gid_CAESENBL2IsQpqHNdpPvxu0AMpE
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b48242d7-792d-4dd5-8680-7cbc73c32152-003%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3317502E-6C99-4D93-B1E8-DC3379329D1F
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y85xNQAAARriAAAb
.360yield.com/ Name: tuuid
Value: 3c93830a-03e7-4402-9ecf-0f55f962944d
.360yield.com/ Name: tuuid_lu
Value: 1674473781
.yieldmo.com/ Name: yieldmo_id
Value: g580019d94c3ef8b1934%7C1674473781168%7C0%7C
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b48242d7-792d-4dd5-8680-7cbc73c32152-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: aunseFwl6h6bQQwbQQqZckpyXFIqc2ZdDKZdi4plKDEtYdhFbQY8nV8PZbs9AAW9GvS9jp44eu0dew5vvNoojCns
.w55c.net/ Name: wfivefivec
Value: Ka4IDRxS1PjV7D5
.quantserve.com/ Name: d
Value: ED8BCQGPKIEA
.quantserve.com/ Name: mc
Value: 63ce7135-9fdfe-af1a6-ce53a
.adfarm1.adition.com/ Name: UserID1
Value: 7191810127427205259
.simpli.fi/ Name: suid
Value: 23C9ED2999A94265B03679AC42E78E13
.de17a.com/ Name: guid
Value: 1.7527563845497791550
.w55c.net/ Name: matchgoogle
Value: 5
.creative-serving.com/ Name: tuuid
Value: a29bb37c-bc1b-4702-b439-549ca01286c9
.creative-serving.com/ Name: c
Value: 1674473781
.creative-serving.com/ Name: tuuid_lu
Value: 1674473781

7 Console Messages

Source Level URL
Text
other warning URL: https://widget.sndcdn.com/widget-9-c1e8ae630fae.js(Line 31)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189475&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674473779&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fmonies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674473778530&bpp=2&bdt=1223&idt=677&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D087ee17237812830%3AT%3D1674473775%3AS%3DALNI_MbOY-rSnfijIuR1QUbcPzzxBhfFtA&gpic=UID%3D00000bc9510df5ef%3AT%3D1674473775%3ART%3D1674473775%3AS%3DALNI_MYVeisgkMQ5G_ZS5n6iqGIDEVHJ2g&prev_fmts=0x0&nras=1&correlator=3625127086750&frm=23&ife=4&pv=1&ga_vid=1501366706.1674473774&ga_sid=1674473779&ga_hid=922389160&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=4857&biw=1600&bih=1200&isw=300&ish=250&ifk=3599634041&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21065724&oid=2&pvsid=3315224857906237&tmod=319316707&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.btevnckfk7cn&btvi=2&fsb=1&dtd=729
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html".
javascript warning URL: https://www.myjoyonline.com/monies-paid-by-cocobod-to-investors-who-purchased-cocoa-bills-withdrawn/
Message:
The resource https://www.myjoyonline.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
ad.doubleclick.net
ads.creative-serving.com
ads.eu.criteo.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
api-widget.soundcloud.com
api.vuukle.com
bbc1e9c46474127413fbca38cfafe10c.safeframe.googlesyndication.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.prod.uidapi.com
cdn.vuukle.com
cf-hls-media.sndcdn.com
cm.g.doubleclick.net
cms.quantserve.com
cs.media.net
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
esp.rtbhouse.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcm.ctnsnet.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i1.sndcdn.com
id.a-mx.com
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
log.outbrainimg.com
m.exactag.com
mab.chartbeat.com
match.360yield.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
mug.criteo.com
mv.outbrain.com
oa.openxcdn.net
oajs.openx.net
odb.outbrain.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pix.eu.criteo.net
pixel.rubiconproject.com
player-files.remixd.com
pm.w55c.net
pubcast-files.remixd.com
publish.vuukle.com
region1.google-analytics.com
rock.defybrick.com
rtb.fr.eu.criteo.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.chartbeat.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tags.remixd.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
um.simpli.fi
use.fontawesome.com
vuukle.com
w.soundcloud.com
wave.sndcdn.com
widget-pixels.outbrain.com
widget.sndcdn.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.myjoyonline.com
x.bidswitch.net
pagead2.googlesyndication.com
104.111.216.21
104.196.130.246
108.138.17.10
13.32.99.41
142.250.180.198
142.250.185.130
146.75.118.132
151.101.130.49
162.19.138.118
162.19.138.82
176.34.217.189
178.250.2.146
178.250.2.148
18.66.122.52
18.66.14.48
185.64.190.78
2001:41d0:701:1000::96f
2001:4860:4802:32::178
2001:4860:4802:34::36
213.155.156.167
213.19.147.44
23.203.125.156
23.203.125.62
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:214f:6e00:1:a3fa:7cc0:93a1
2600:9000:21c7:1000:1a:ba5c:3900:93a1
2600:9000:21c7:2800:18:1fcd:351:7bc1
2600:9000:2304:e000:a:e047:752:5701
2606:4700:10::6816:3556
2606:4700:10::6816:3ca8
2606:4700:10::ac43:1695
2606:4700::6810:5514
2606:4700::6812:106b
2606:4700::6812:18ad
2606:4700:e2::ac40:850f
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2006
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:803::200a
2a00:1450:4001:809::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:400d:804::2002
2a00:1450:400d:807::2004
2a00:1450:400d:808::2008
2a00:1450:400d:80d::2002
2a02:2638:1::13
2a02:2638:1::1a
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::2
2a02:2638::21
2a02:2638::3
2a02:fa8:8806:16::1370
2a04:4e42:400::714
2a06:98c1:3121::3
3.126.58.16
3.67.59.246
3.74.180.196
34.102.146.192
34.120.135.53
34.232.231.107
34.91.62.186
34.96.70.87
34.98.64.218
35.186.193.173
35.186.253.211
35.190.38.143
35.190.39.111
35.71.131.137
51.89.9.254
52.222.139.127
52.222.139.7
52.222.139.93
52.30.8.210
54.192.85.4
63.33.255.124
65.9.66.8
69.173.144.138
70.42.32.159
85.114.159.118
85.14.248.72
99.86.3.236
016c6450ddb7c1e8e337ad0190d95079ae90fd5a2907e06c72906a431e202ce2
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
02c2d41188e6fa43df6a6e273453b280775270f1db9199e770fa4d1ab8d73813
02e35fe3331082c58fac80f0b6fe2b319bbb6643d02d283f7a27985c02d16def
0352a8b11babe6354d371e00d9c273412d9606f150f710bd738866ae5fa3399b
04ffd09228ab1b2b6a2c856284db8483ee807e1f56e245eca6e25ad64064427d
05ebcc01830f2d7b2d4654ed7ade8d4696cb5fbf2a0878f431b658e520fe40ff
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09424cafb222cfc6d6eb2fb2a2dfca0a1600f96235d97ceff3a24effbf41c406
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e03a20d6832e6408f2a260d8ab5d3621d9ea64252e3a27cfe451be34064d23c
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
1000f7966970f9c1c67fcce622ee8ab386101d08f4b195012186b7aeec85ed06
162d35904e34b72b5b900f50aac75b5a52ed6a57e8d9af9a4e66ecf9e7d2d949
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ccf09d133870cc2b93a87e75da4b1e3ea8429f1c8759d8a4f51b6c9b80519c
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1aae6af796749b4e50dfb211439d3bad2c858ac0e744908cbf969d0281f6c6a3
1acf66d71a58cce9c392b41311d0b1a72298ebf1cd1f0712ec5555e431935da5
1b5a2bb689f35dee671ce481c1a4eef5ca841fbffe7cad9c6518862d174054eb
1b79388fc7fe8a5ccac8bd340825eda3651509d6e6df49300df50d04a9634abe
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903
1fd382c567944a352c9db4e41ac44aa97e72cb771ad7bcc63dcfb5e03f4544f0
21967403074915c562efb5adf32c0b1322faa7823e45fb6076ee375972ead008
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13
2263589ed89b297a57ab885c817e8c13cb0d3d36a581314298a39aafe2369c88
23aa272969efe7620a7945e78d0de698004ec06b8882fb500cfacac8a6d76810
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
242afeb2e37b89565d37e36f17c901848b69b195d8b736c59d79060e51476cc0
260fb4ce8b2d242c72a92d027476ba08bef10e000298cbbeb2ba3f68b58c070e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c04c546b4efce9f6c9ff078f7b639e2e128eb9fbaf9e858184e1ad775f55099
2d02dc710b58a3c71bf068def9b26347613a4dac4315d6f1eda035b00fb77609
2d02f1e3c0ea583351f54ebddfac7a060ebc033d94fe688174d19e2c7e02f5ee
2d65605296c3f34c96cf4638c0adbd0b9397a3ae108986448a24d61a3e389d11
2dbe5bdc0102e824f9f2a8b804a696f4b9b68459ed1a4f15516ff90d78c5f6fc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3062de421ab0dcb3f282bbbda8049e7aa250ef25eff9a9683e36c3108ee93d24
30a75d4a33c84b4b111e38de784ab2174f0744ea4ffadb57cfb779d102cd2f52
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321e79473f5f2f05225c7e194da84d69a8bc20ef64f19fe9c87d7cd15b0133ef
336b0ab398ee7578f27446dd3140ff81aa3f91826ac35261fbacdbbc8e17b20c
3394fcc1aa6da5d93c2f52e131f4ee4193691d5797cafb35c7dbdabfab4cecde
339c431dbbfcf7b370b678aee1588f0543c767da987e8af97f5df6b907cfcf76
347d077a1c34270efa6d6f8ef73ebc1fede681e42cff5cc392a88f573bb3b4eb
34a9b11b2cdcaef45bc7c6834c7e48adf1e11207a4f4d8115df2072836c0423c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37b9a627674745ecd071e8ec6c13a61a868d34579812be5ccfb4ede29f863396
389af64d78629d373fe78d04a5211cd124ccc8a85a5b7edb060de5d6630bc6df
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b1d23007a2051dc5bed8645e7e0b05d902a08fb29563dacd5eeafa533f7731d
3c46b18a1ccba221be436881e1649ef1bfd1e656184fcd535e84bc77c77e8e5d
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3ebafc6ca8fa7b89f01365ed70bfbb1f866acda63c880947bc49eebde84ccd1b
3fc838e727e61e0527c90ca35a033aab703e75e9c6d04046702210d6bd18745e
3fe0592142f06693290215d57a53b9e40c0a22544bbd32cbb337a872ab866eb6
417243696703ca6611fd5dd126cb363fec95fd2246247d44cba683d956f9ba67
418b6a26a224d345228ea70ac0c5c627602c193b8b79f36b0d8a6161b1c1b34b
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
4282eeaebc14841ca183ace034238036f06fe91ecfd07ccbc04a9b4a32d60a6a
43ea858dc40003ac8d46371ae15982f7c73c789baf54845c0b46f537eea5335e
442c0cd3cddd63457d7c7fceae4d0317a8cf6b912764a7c9a5ddca5e955612a6
44b34578989a08119535b5c54623cab8c70a3ed38106e766784108ea3bd06949
44e61cc406c936f5800d26fef8f75795624a8b2855929034b9cfb6cab6790a8e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45fa01b9bf48281c8b7e8aed1e3240073804b9b24425361d55e02608b1fc0bf6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ea76ed91252c472d6abeeef1484a8704b49ef56533fcb90edef5bc2a9fc0be
48041bcb6dafadb3ecb47aacfec7f5e0e43262f9c6046c28460a38c51caeb8c0
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
484299b75326261e6a29e6dd854cb313a3a30a4aca0d785dae5e5adf2dc63251
48d304d71061563fea61e3c4737adf0d174ec48f74c6a4c22e8ac5c34843b8aa
4a26af5cc1bafec3821428137004d4fedc4ce3a04aeb320eeeb4fc62cdd56150
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d34dbfa2a5e71fe0504f8ccca4cac791cdd5472c606b94cd87c2688b76fac09
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df
4ef93d501cce74569911272792bf7836af546536d914ca1b87de59e4aecf63ac
50ea53aaa8de06f5f0f72f2ae806505bfb1de3488c28a442da5b315ca05afb30
52ce4438d62664bd1663efc27cb1417d3f93a0d8083161d89518656f4de546b1
5390e9facc0ddb3ebb2236c1c797ba47be28e4173b948f172d133e4f8ce5748e
53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e17a640c1d6b2a717f66e95875f02d3f10e0d662f68a76e73ecaf82a74a994
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
56088efa2308c496a3caa55c9d0eb98b415679ed793f0f5500df83185e5ae5a0
562105a33342805e87028bec888c44120ffc55cae3c584422397e4df3772825f
56913dc37967caedea5906092ab3399d27f038baf0d1671eb566dedd125df7dc
5941756843e528a29a7222fc10529ff3b2f406f2234cff25a28a2477de5b9137
5941bbcfc82fe73f86b9ae9564a319e9b39ece69f05473f767b85df011a208d7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a2b39fd81d9e5dfa7cd19122d29aae241c7dbab8e178b7e87640d27557085d1
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ae454ccb04e1208e158521cafe1379733770bd2e14c7e972ab46fa55282f3f4
5af49e8a4b70e3c46dab9564cd55efc07ddbe8247e1bf8646d6b1c79f5e2b211
5c0eb4511d6f5b763b5f31869d398c39865d81800cdd14dc574c53e7c3c22637
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5f6b7bd800a4dea355d7119dec8eee8a8f2a3d2a95d1d0ad9e3cd6b269d7c6ca
5fb9344bf86f85a31d606c8c79ea79eadc775287a9f104756c48833b0b7b10b7
6180554d32fc60803090badcdc5539a54e3c84637e9b97a07cf0bc14ecab60d5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
62f2fe1bb3e183ac7a337e04c4abaefb3ac5c3523260152657caa73326a9be02
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
650da9e6f05c29b40c5cf21e4ce0a863c81e6ea5234b23f4d9b93b51dc6cfc56
65bf6052f97e8208258bb63b2e7369a44ee622a2890e96da168cc240108b7700
660734f36dd44b558b708434978e545ab0dd469f471c5945565f6c06709cbd0f
66b0ae298a524a79ee6d380a2b609fb15f180589e6b817b3ba2e140db0a795ed
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
69afca92e3ef536873ac787779a518a28b99924a59335ab5ffafea36a7b61a98
6b759c4ab19d3efbd9690a76f96a8905734e104aaa98104f91c3fd3cfa0b154d
6ed67d00b03ac454d09fe8823fd48765227f93e6b8a8a5e47a7ee6001f090ce8
6efad1e6bd5fdd0ba9e23498896aa5b19bee073f1a880b427260e4bac3658b94
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
702c7b4ba4ebf79c8e25e5d8ea1c6287e193caa175942c0f27ac2a98a68fd551
71d66521dfd4a8eea681f0b8be5ec675ed120466214c9507ffb2d48531d6796c
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73bde07cf1f585990d0495c2d122e078446a058082698e43a43f9e11bf38ff5c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7464d925cfd07b396fe25055a0b4e75c62dc23a67e6568ccd215e57b28a17c18
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
75fe206d45f477c30ab126dd570d52b795a690f8e0b34b2071b34ab8a9e11876
7b2a799b6550ce9540544ad8167eb69afca6b4478a996146262f63e077bc3d55
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7b8791800987b9daa27029db8bf4599bd773b3110a72a4f5d1ea664509a74e65
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7cb5b531e8d371fc2de9b7d024b422804d7c2e3123e7c70ff9c7122ad65f55c7
7e2d0edad81d1e80cf1281c0bfd22761d1af8e9e7fe72bf0026ced4326cc94f1
7e61b98cfd48dd5fda2b67045ebc64812e2125be27b1b8f699672567ae2d9ed3
7ea9327b36f8ea3355ad8a33cf7bd5735cbf2e11ed96744279181a0fedd2401e
7f5d73c848836745a93ff7aa540a8f83f9899e3668628f42e9ba0cc6ef5e0b32
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ff1fd08b88f47dbb00f5a47a4686025700574019e591f2237a4b1a64a78aeb6
811a0e66ec464a02e5ffd50ac152ed2c50502c19bac722b30a2562f0abd614a5
81664ea42a9afdea7b505900d973364025bdf4b75dcd966214c6c73c27703e50
81cc7fd7df22e0e62e9fe6cc340361b2287a93752604e162440708e12712e39f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8384ee82bd6e7a93cd65225d3fca5aa6b18e812dc7ccca0fc49d94c982e4ca86
8651a1012bb35c2683162251b75438c3710bb12cf07288ef9322c271c44826af
86fd506ffb52ebe0c517741410cb674fa74cd8b29ad175b591b4d020908b64a4
87a26ed5fd2ef06513a60d162c6d4f0ddf062686222533f7321794343f0b5da0
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
8893201d22f593c535d23bc413757040c3c12bc17e54ac4aa8a8a386c9ef8f29
88b45b1b574945d5d914360068abd2e2c0225c98a443715015b15ce0666d3b9d
88c9d544b86bfe9622d5ff27db77308be057a5370e615e9b18f072246d366d88
8a90b3390e779e55dc8c1372fc0f62288b76cf4dfa1a691e9e9bc80e2d324ba7
8b8c6218040c027d2762ed6e7eab042ed294e60a1e9d706c15eda72be4f8045d
8c082bece010e3d7fb4120f165a47bb64f589a22abcef2935485c58eb544f246
8ca8a4feeb61ae9e7c5b6dc7a7918cf9c214c601be52f73231bb20cec8861c00
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8add0c0316a42e776f9ceb5d9b6af087ae2e99f8474d45456e44aaff268597
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f18c40a3fd1a75d239b3598c66016b18faa6b559aafccc5aba1870fef6fb146
8f7d41310435064aa15d0620251c2a473a016576e68136531c0a7e959b621bf4
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
93cb5925a330630f84012b5d56afe97a04dfed609ccf3c73203ef570624ce821
9550654409f5e615f24c4f16d0323ac364e0ff1072f20eb18da70f146d53547c
95b3452ac86e83ba6a6beb3fb8541ba6611eed09ade37fa630d1a936129edebc
97fd90ef746f6ef3dd8fca95e7876067f0886e31fa657470635fdeb136845ee1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c30ebef8622781f744afe92f1d1cc8678eede9f0dc43a2abdfb351474659f12
9d17a78f4d9779ae7353e2f0eb56d6d3b57eaf1bc2d3e4beb482ae693b00b37b
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f2fc2f33e773c6b741ca3aca6a48cadee3d64689c42a42d3682df076811aa0c
9fc1a27c79e284eea5520d0541a5f8ee0a9cc3f897e6665c7026aade58f68a00
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a07bdf966e62dfadecb403a3eabc81af7ce9f01c8420fa47e3968eedd77a6e99
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650
a29cf168c7fed359190bde8541bc52ce4d3713e72b482a65ee882dce6a225374
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a31851b890b6b4806c376c27fd988d946a29f8ebd9bde9edf0c01147a027db53
a329dd223f386b9f40064d7cc46df26baf6921105439bf8e3a995745e15f763b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a8dabbe9a72646731da94581f6de8704d4a020deb7a456aa868583d2020385c4
a95cb3081595ac8bb593fab22af2971d38b89619d889226c10ebf79e4d0cd3d1
a96029779bfc67565a3c5b0fc58e6eb3485c0544289e6675802334c6385d6cc5
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
a9e1faa9ff9341bf201a5d6a70a64c967dea929167a480a499d44e9d05edcef3
a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
ab289cd24d6b3062511d670d7286b436f484f4bafced35101b87ef6ce730749e
ac6798d3186da6cd48aff27610247d5dbf41f5f7cbded906a88aa0cb9164c489
ad934ad20c1854d2f78f9a30bd38d90cf32336d953f2fa31b510ebe954c435ca
addec199fcf7a538b4b38ab5464ee3c8f69c0af9bbd0485943029382338ace12
ae1663cbcdbdca7f194a1bb69d2176228b1562f3a88a7be212c3c3a474e0cafd
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1fa693d2cd4a5db2635ceb147f1aa0b5d4d75691c093bd8848e1e4a7b8449e9
b35d10a750154a877e5c4fc85c859339aba29c9abbffd5513073c82fd343a6ac
b38e47a0754cf33284eff286bd4a4b4e42bb75a1acebd2dd5a7589ca1d952ab5
b4d3be73592ea977806586f213211e9f21fcff7d5dad5043614ee519be37fb1d
b52592691c7afe6a6bbf6e8f0fb6495c96d8542cf7ed1d9f48fa0e45e7f07589
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b604b5779057ccd5007d7d872e9c8b2a2344c98fb13922686133973e42e8778b
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd24bfe5129d1c9a47b7fb73b9b60bbda68b3d6ee394fef9eb13e17521528298
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be26b6303ebfdff0716d97fb203fcbe8bade41f925107ae54077874c79015b19
be36fa26bd14e5a187afea733b8f8b23b7a52026d366d7bbe03738c03e6512bf
be3e74dbd9087c9f65fc9dd5ee31569b89224f667cab7edafd6ba15890201c2d
c0916f65ed64f655a33783c1340f634d26cd954009c0fbf5162784e68c529c33
c1c38045dd67dd63d11e6d8b94d68485701cdfaba41e2aec5ff49fc70c02475b
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
c35829b27cab8baa43d3fcab2264640c80df89151eee9391708049c39ddd368c
c3d5052d92ada24a48667a3ae060bead82f286f3fec25c4a2bb558883fc5680b
c515abea3632e11f7febff0522cfc2632cbbe1d4aacc03a455571ee6d6e68e52
c5332142a2fbfe3cf57e287e51c2bb0d6e8df91932fc6a3051015a54d967cab0
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
c93dc84049ced06257c79f0b114862380a1964936f843f7c962076b4e107d58c
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
cb124e502b5c41e197d70daf1372272b4f6c7ebe8ce427f6921db3345b0eaeae
cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9
cd6772baa401ce68f0a9cf3f086d73e8428008bb52164357d132d772ed062b59
ce9a77468145854567aacdd2566763baad0d40f143739a69080919805fc29310
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6fbf15b384dc4de9a63b90731bde9bbf6c4133b27c90368ac9f014123ddd8d
cfcf65d9367265634451d5ea043d0f33e1fef98d8595a7e86085dde04b392cab
cfe869e50b9b346e9b128d60a63f479647e75060c39c8f5790cbc88796a54eed
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d32658fc01cb3bf428d18cf7912eb29f7f6e2902674775c65c9411f6cb2e9e57
d3c892e01af29ac871d6435b47601960d2692dfb570dcef54ba0c1f3747173f4
d4e6f8e323458aa8091482ac77b79e4fa6c3a75ee375ada0db8ebec6222f7588
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
d767cd5c10c702bf073c69dd55dbed1f35c9a584b8a8c516fe64609f7365f157
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dbf617647ba51c6feaffa1d981e24fa476c392f54f2ee54b5c86fc049c62258b
dcfd81c9426baeb3821d227a40cd765d3df097fbb0df64913f7bdd414bf4a3a4
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0e017de0b96508b616df4a4f200585fee7df1100ebfcf06a2d77acbf63b81bf
e0f09df56f7aabf366be449dae49c8c86124a42b71177240307820a41c7a1a18
e27baa66e35f5d5adc061e7e1dde7ecc416a7ae08a15b8e0c6f36e7a2557e5a7
e35bc74cf7e4af128e2bb83ed004693fd139abbb97c13f4b86b763802627965c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b4d5155a2b007e32c7c2d0d6cd933d5f0b3272ba6692ce71c66f34e2a2ddce
e527ed2aef39f2b9e64ae9ba09929961f15d93e35c16dcee8759f55214a982a4
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
e5ec9d53f8d82f9d59a8e9157c213b7b9cf49ef83d6e068e22f63238f195aa15
e5f2f9d02bd1448626ba66bdff4cf213f9d8c0186351b76b13f3b6de8a2c2b2a
ea19606333339c1f788ee53fde82a94ed6d164673abe2e5939fd3aa081ab53eb
ea5b3b1976c12b43f1e432cbe0259f6ceede85fdf6c859f3addf2f9be2559a0e
eaa653af5e2a278672661f05d1af722339924fc64dc6d314f85a644e1d3e52a1
ebfde080ee7801b89643c3c3bdaeb25cbaf6546b3a9ce1e8c4f662fcd64eaa41
ed9afe72ae25dd8b41ac5605c97cfe49fe6e788966bac7ff1949b371371e3284
ee0358b12d512e90cd120c27f96a4ff913c23c5a4f810ea5f9258ce03dadfac4
ee54185d227b97546b9516a4930f7e72a810488ab8bf9c9ba7f897a782bd0437
eeb399f1789ed52132e5a180555cc0e24bf966b03cd0e97792bae7c637e4e229
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f4e3851c7d081b8fce608c800b52c9387e2412b96eda2a599d25badd7c212776
f5961a3178201a6de5f9b6eb4767ccf3efbd406e39a47285a33ee066a508d81d
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5ae5a08b30987e2efb3df7031ab8759a1b30f06d932412475c5778b217c41a5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f62fd07dfa09c17b33bf5c23745a7e563edde4b0dded011e1d8e54cb133652b2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f85bb4cd78058f61d75c245a35dc84d7c1867aae5e90fb910bfb0eb0ec82d782
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fb63ea01905ce48550a69f026781efea4d406b3b0e99be21e1609f4c96bc09d1
fba938b48470da3a351326f572c6da242c9bf9a79829c1d429cb8c5dff68f919
fbeefc618c29fd41bfef07437087f6ea3cee45a8a454c43763f82f01cb4b8750
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
fe1e61c7bf884642fc7ddaa06c70e37a6f1eaddfb86b775d832316bf568ce2b4
fea8098ef6414bd55168c6366e9c3f12bd7e3e62f0484c00629ff91140882fb0
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48