pt.jojoy.io Open in urlscan Pro
2606:4700:20::681a:2ee Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pt.jojoy.io/
Submission: On November 27 via manual (November 27th 2023, 12:12:58 pm UTC) from BR — Scanned from DE

Summary HTTP 127 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 25 domains to perform 127 HTTP transactions. The main IP is 2606:4700:20::681a:2ee, located in United States and belongs to CLOUDFLARENET, US. The main domain is pt.jojoy.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 25th 2023. Valid for: a year.

This is the only time pt.jojoy.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:20:... 2606:4700:20::681a:2ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	23.37.226.99 23.37.226.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	142.91.159.80 142.91.159.80	7979 (SERVERS-COM) (SERVERS-COM)
1 2	54.207.134.111 54.207.134.111	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	54.94.186.21 54.94.186.21	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700:303... 2606:4700:3036::6815:38b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:6ea0:c70... 2a02:6ea0:c700::21	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:82b::2016	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6 8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3 7	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
3	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	130.211.12.42 130.211.12.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
127	31

17 2606:4700:20::681a:2ee (United States)

ASN13335 (CLOUDFLARENET, US)

pt.jojoy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
etpweb.jojoy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

1558334541.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.37.226.99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-37-226-99.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.91.159.80 (Netherlands)

ASN7979 (SERVERS-COM, US)

ou.samogonmarvy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.207.134.111 (São Paulo, Brazil) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-207-134-111.sa-east-1.compute.amazonaws.com

api-ad-admin.jojoy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jojoy-app-files.ezjojoy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

jojoy-app-files.acelitchi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.94.186.21 (São Paulo, Brazil) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-94-186-21.sa-east-1.compute.amazonaws.com

cdn.ezjojoy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:38b4 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

upy.happymod.cool	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.topmongo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.20 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.12.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.12.211.130.bc.googleusercontent.com

ag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	250 KB
22	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	298 KB
18	jojoy.io pt.jojoy.io etpweb.jojoy.io api-ad-admin.jojoy.io — Cisco Umbrella Rank: 470390	731 KB
8	ad4m.at ad4m.at — Cisco Umbrella Rank: 12394 as.ad4m.at — Cisco Umbrella Rank: 33424 assets.ad4m.at — Cisco Umbrella Rank: 45800	55 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	5 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	5 KB
6	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
5	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8755	3 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 742	148 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	298 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	47 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	191 KB
3	ezjojoy.com 3 redirects jojoy-app-files.ezjojoy.com cdn.ezjojoy.com — Cisco Umbrella Rank: 499927	365 B
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4034	71 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	topmongo.com cdn.topmongo.com — Cisco Umbrella Rank: 478870	102 KB
2	happymod.cool 2 redirects upy.happymod.cool — Cisco Umbrella Rank: 501036	832 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	104 KB
1	yieldoptimizer.com ag.yieldoptimizer.com — Cisco Umbrella Rank: 27201	477 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	168 KB
1	acelitchi.com jojoy-app-files.acelitchi.com — Cisco Umbrella Rank: 969713	44 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
1	samogonmarvy.com ou.samogonmarvy.com	1 KB
1	cdn77.org 1558334541.rsc.cdn77.org — Cisco Umbrella Rank: 443437	48 KB
127	25

	Domain	Requested by
21	pagead2.googlesyndication.com	4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com pt.jojoy.io securepubads.g.doubleclick.net www.googletagservices.com
16	tpc.googlesyndication.com	4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com pt.jojoy.io securepubads.g.doubleclick.net
15	pt.jojoy.io	pt.jojoy.io static.cloudflareinsights.com
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	securepubads.g.doubleclick.net	pt.jojoy.io securepubads.g.doubleclick.net
5	ad4m.at	4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com ad4m.at
5	googleads.g.doubleclick.net	4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com pagead2.googlesyndication.com pt.jojoy.io
5	mc.yandex.com	3 redirects pt.jojoy.io
5	analytics.tiktok.com	pt.jojoy.io analytics.tiktok.com
4	region1.google-analytics.com	www.googletagmanager.com
4	www.googletagmanager.com	pt.jojoy.io www.googletagmanager.com
4	4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.gstatic.com	pt.jojoy.io 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
3	ad.doubleclick.net	4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com pt.jojoy.io
3	www.googletagservices.com	4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com pt.jojoy.io
3	mc.yandex.ru	1 redirects pt.jojoy.io
2	www.google.com	1 redirects tpc.googlesyndication.com
2	fonts.googleapis.com	4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com pt.jojoy.io
2	as.ad4m.at	ad4m.at as.ad4m.at
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.topmongo.com	pt.jojoy.io
2	upy.happymod.cool	2 redirects
2	cdn.ezjojoy.com	2 redirects
2	etpweb.jojoy.io	1558334541.rsc.cdn77.org
1	assets.ad4m.at	as.ad4m.at
1	s0.2mdn.net	4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
1	ag.yieldoptimizer.com	4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
1	i.ytimg.com	pt.jojoy.io
1	jojoy-app-files.acelitchi.com	pt.jojoy.io
1	jojoy-app-files.ezjojoy.com	1 redirects
1	static.cloudflareinsights.com	pt.jojoy.io
1	api-ad-admin.jojoy.io	pt.jojoy.io
1	ou.samogonmarvy.com	pt.jojoy.io
1	fonts.gstatic.com	pt.jojoy.io
1	1558334541.rsc.cdn77.org	pt.jojoy.io
127	37

This site contains links to these domains. Also see Links.

Domain
worker.happymod.cool
en.jojoy.io
es.jojoy.io
id.jojoy.io
ru.jojoy.io
ar.jojoy.io
tr.jojoy.io
de.jojoy.io
fr.jojoy.io
it.jojoy.io
jojoy.app
www.tiktok.com
t.me
discord.gg
twitter.com
www.reddit.com
doodoo.love
answerai.pro
jojoy.io
cloudgame.jojoy.io
happymod.games
www.whatsmod.app
spoti.plus

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-25` - `2024-03-24`	a year	crt.sh
www.cdn77.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
ou.samogonmarvy.com R3	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.jojoy.io Amazon RSA 2048 M03	`2023-11-01` - `2024-11-30`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.yieldoptimizer.com Go Daddy Secure Certificate Authority - G2	`2022-12-14` - `2024-01-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://pt.jojoy.io/
Frame ID: D3E0AB39A67C4C76F34BD038D1F93BD4
Requests: 55 HTTP requests in this frame

Frame: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0CB6310138522368AED78D1127A4FEA8
Requests: 1 HTTP requests in this frame

Frame: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 406A838D92A8D4F0F058F53646C46AF5
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGOLxlIABMAE&v=APEucNXphju-6hvZpVThA_rDQ50XSA_cgv6U_r5g6AlHyBkfZPktU8tXVdFWwuW8Yc6-35Zy8l5qGwu1xqxWczxEkl11kLRGCNVRhNttbZVGVocDvDm_eMQTHArDFh5-ddf2szUzOk1IJagq9NeXUhE4Uk1eL5ObNE8rwnt8WNWANjMPqHijXm0
Frame ID: D746153299164E2523E7496F254B80F4
Requests: 5 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9342AD609FAA81D20EBC82135DCBED23
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ECB09F800BB312EE2960F51DC6BC38A1
Requests: 3 HTTP requests in this frame

Frame: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C58A772A22AE55A3D12368DEF2A52D47
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=36039&b=xEgtQfEK78Sm8rcPHWtrHQt3WXtJT6TM2uA&f=YxqtrfzXWdsQKWtVH8t3HgC1e2TAT1TXqar&c=320&d=50&e=&g=9fa3d957b6dd57bd688dc4e4f38ee74a%2F16842225229900069245&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1701087173282&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCOY8FxIdkZb3LHeqB1fAP3t2QmAKw7MyzdI6TrvOVDPAuEAEg_7zILGCV4pCCoAegAdyokOUCyAEJqQIHxDQrk1qyPqgDAcgDmwSqBPIBT9AnnSjt06NT0zqEezTJB1jyZaBAQZQ1BsQSfCZWPVrf3ZYOLc3PqWJ3eeLOo_adABdZsHVdj9lBRS1biEItc3jo9UegKHwd-4mqK5EdRzA5kQ0SP5v9ZYtI1ZrV4rtxGVqUh_Gmo6AI8y4bJEAA-GLD3pnQ7uvaJlyNBT-MiRLGqyZROB2FrX48Apfx3jgTxawJKyJxkk4uim9Uf3y1kpBx_sSX2xhhs19OUbpVUp65-ocZdDbbtqjO8QXvuOYwyncms5oTbdM0bpt85JQxsTpICz9940jIBmV3ulGpJQQHn-iyQqlegzbPzuHtx0i2NIvABOr-mfamAuAEA4gF4v2k2AeQBgGgBk2AB4zX75oBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREXiDRMIkLuWxZPkggMV6kAVCB3eLgQjsBOjwPcU0BMA2BMK2BQB0BUB-BYBgBcB6BcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgDICaaNn_Lsnu2IA7B-tuH_46DC8P9bhxVI-PlBzrHI0nsckEr4RNaVUDbtqQRwaW0068lGbue3j455xTAmpMFz3kAQAI_X_dfAQnv3_BgB%2526sig%253DAOD64_2JZPx5L6IvFdkKlHbxkGQvPiNF1Q%2526client%253Dca-pub-1318661272776558%2526dbm_c%253DAKAmf-AJtUn2Ci5UC8uZhBM_xEQerjsN4CytwzJVRNxqLHVZFsy3JVosCJ3LVrlZyFgcgBgs5mWv0EbGS5cF9BWei1hR4qNBPN-3zqSRQGiC5rYohUhoelW30YePR5g1OMBsqx9BaTb4FWij0SW1A59wZQ-5t8R-XX-9xpDi_HhYD0UAXHA2LjQ%2526cry%253D1%2526dbm_d%253DAKAmf-B2k6EF1cx9HEUhk3yTHaAUtUj5gMLFindT-Xe5TrE0WXMKZk2SPB-H1OUGvKIAS5IoDUMpG4Q4SxqjN-ido-Xww2eVqoenoK8SGJ9CjuI3fMeMKiepD6qkyZkBRqFAOZD7Z7rWN2uA05oJirp7NVApwMKf7o93HIc_UqqnDzIdg9p9_V1sZcDjABb7Q2kC3i_lAU0OH2g074zMPvWo1SAsN0WyaXUiXbUTYI1qrXmUX38hezu1l51j3si_1ikwXNDkat4B3X6ksJ4Ij8wtWv3Mu4Z_VZVGc2LtU8bsjWQYgqK-hUxsFsLP44UBZQzE5NTxpNAcXm8lHC8feSFB42kj5Ac61Y4zmS4-N5Bbnk-6AuGoS-VWBwSNO3BqxDbttp6e71pUkNHKuRrg9cd5QBZ_W-3gcw2kwAGAbTdzLEQ3ilTmgQ7rE7niMhTwZAtaDE3EmOWbbfrA5azUonM3MwIbGYpahzGAFHJse1dtgkwBGXC-a87VoXO7fqkC-pUaG7yYI_oipHhXoc2y_RjlEsGlDJMQC-QuG5-q979Q45jl_jmYVF8%2526adurl%253D&y=1&s=&z=0
Frame ID: 74E569AC20F976979ED9950370860E03
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-JahC708UBGK6v7PsBMAE&v=APEucNUgj4aZvOL26OvSVG0Hg3Fp8JlnV2xZacsfNtjuitMARcCbU3Wv_-CBNWZxghCJVAWYGUOghZfPyGJQcOgWWZpCk02eC58aD9vnVCUeIdanzb94IJ9bvHjO4Dr6Sdr5vevGDALIQ_XyjO_zdFEcGS3K4SUJxrGUoZvBPk3Ie3pYbBXinRs
Frame ID: 1F5B36DDCED784C29ED9296E6CC42A35
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B6C1492E9DBAAE03F649C77A859B0533
Requests: 3 HTTP requests in this frame

Frame: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0D39B3B7B27F46EC6954A4EED4E53A86
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 22A8CB06DE9F992C8E427195652024BE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5D0E239114AD572093AB14B5D51F79D3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 7A045F825874C5992A6486DA8D933909
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3B12F563D2EA779282C7680FADE10058
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 060FC9CDEA3B00D4A6ACDF3B3D712F46
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jojoy - Free Download MOD APK Games & Apps for Android637C59BF-2215-4F67-B895-7D49FE18842C

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Sensors Data (Analytics) Expand

Overall confidence: 100%
Detected patterns

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

127
Requests

90 %
HTTPS

72 %
IPv6

25
Domains

37
Subdomains

31
IPs

6
Countries

2593 kB
Transfer

5980 kB
Size

44
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://worker.happymod.cool/releases/Jojoy-latest.apk

Search URL Search Domain Scan URL

URL: https://en.jojoy.io/
Title: English

Search URL Search Domain Scan URL

URL: https://es.jojoy.io/
Title: Español

Search URL Search Domain Scan URL

URL: https://id.jojoy.io/
Title: Bahasa Indonesia

Search URL Search Domain Scan URL

URL: https://ru.jojoy.io/
Title: Русский

Search URL Search Domain Scan URL

URL: https://ar.jojoy.io/
Title: العربية

Search URL Search Domain Scan URL

URL: https://tr.jojoy.io/
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://de.jojoy.io/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://fr.jojoy.io/
Title: Français

Search URL Search Domain Scan URL

URL: https://it.jojoy.io/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://jojoy.app/
Title: Teste o Jojoy Web App

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@jojoy.io

Search URL Search Domain Scan URL

URL: https://t.me/jojoygames

Search URL Search Domain Scan URL

URL: https://discord.gg/dq97fABeQR

Search URL Search Domain Scan URL

URL: https://twitter.com/jojoy_io?s=21&t=P0daNqt9ZsA_zcUJLbbd_g

Search URL Search Domain Scan URL

URL: https://www.reddit.com/u/Jojoy_offical/?utm_source=share&utm_medium=ios_app&utm_name=iossmf

Search URL Search Domain Scan URL

URL: https://doodoo.love/?utm_source=allweb&utm_medium=banner

Search URL Search Domain Scan URL

URL: https://answerai.pro/

Search URL Search Domain Scan URL

URL: https://jojoy.io/
Title: https://jojoy.io/

Search URL Search Domain Scan URL

URL: https://cloudgame.jojoy.io/
Title: https://cloudgame.jojoy.io/

Search URL Search Domain Scan URL

URL: https://happymod.games/
Title: Happymod

Search URL Search Domain Scan URL

URL: https://doodoo.love/
Title: Doodoo Love

Search URL Search Domain Scan URL

URL: https://www.whatsmod.app/
Title: WhatsMod

Search URL Search Domain Scan URL

URL: https://spoti.plus/
Title: Spotify Premium Mod APK

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://jojoy-app-files.ezjojoy.com/com.kitkagames.fallbuddies/358250275375644672 HTTP 301
https://jojoy-app-files.acelitchi.com/com.kitkagames.fallbuddies/358250275375644672

Request Chain 33

https://cdn.ezjojoy.com/packages/com.kitkagames.fallbuddies/icon_de844a.png HTTP 301
https://upy.happymod.cool/packages/com.kitkagames.fallbuddies/icon_de844a.png HTTP 301
https://cdn.topmongo.com/packages/com.kitkagames.fallbuddies/icon_de844a.png

Request Chain 35

https://cdn.ezjojoy.com/packages/com.kiloo.subwaysurf/icon_9a3ca6.png HTTP 301
https://upy.happymod.cool/packages/com.kiloo.subwaysurf/icon_9a3ca6.png HTTP 301
https://cdn.topmongo.com/packages/com.kiloo.subwaysurf/icon_9a3ca6.png

Request Chain 45

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10200.pYSe-jSVO0dm-EDV2OpkyfuN3r1s2ic8GUtn3cnOd26nM7_E3pF0yIWyVTPcrI4T.UURQgYY2gpUecWGw9CFeq-CxL_E%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10200.Ya84fAEj8Zb8YxmNBxH1o7dqBLD4oaJPCBreVhZJV58yXFGuD4VC3rGuEQkn47AmoyVsbf-OF-tZTnQoCXeZ699jp5K20_2aejiXqJ0xVI1IgRybS7efWwiQCRCBH7BpTvSNOuX0rc-FI3V4yog9I2E6avPghjDyCfxg_pBPQHEhqzq39fveM1U7U3d41m4I6eaNNJZGxXNvL8jisrdX2YKm4ko1j0bapwJZecwF4R8%2C.eMdYPgIyvUVD-jXS5-SAdKEf56I%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10200.Ls3L3d5-MjbRE5--5BL6Yd66vqy3dz2jpJIO7Pbx8_VjC5QY6hv2VFTm6-Nf7kFj73ZpxiNUx9HGnT9TQO5TJ4FxW2n1YRrLILm7OPEEpxdZudImcrCXjmy6mIFdAB7yVHiFaPZENwyUImkSJvu8yvrdKqfjwfC4wlUAga7nppVWdMT7_dyk9CFy-ZyipDOvCyca433O5JiEPBLPNs4Lgg%2C%2C.txc7SAJ6HuSSdZer7bn7smOIiUk%2C

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1

Request Chain 57

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWSHxMDfMnaaz6aw9FJwbQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOt3qLdcquG-4Mi6KX1r9F8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOt3qLdcquG-4Mi6KX1r9F8%26google_cver%3D1

Request Chain 59

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5ODAzNTExOTkzMDAyNA%3D%3D

Request Chain 60

https://mc.yandex.com/watch/88487890?wmode=7&page-url=https%3A%2F%2Fpt.jojoy.io%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A20367%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A430776541035%3Ahid%3A747484444%3Az%3A60%3Ai%3A20231127131252%3Aet%3A1701087173%3Ac%3A1%3Arn%3A771626331%3Arqn%3A1%3Au%3A170108717339991639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C17%2C19961%2C434%2C%2C0%2C%2C41%2C0%2C%2C%2C%2C20623%3Aco%3A0%3Acpf%3A1%3Ans%3A1701087151934%3Agi%3AR0ExLjEuMjA3NTM1ODg4NS4xNzAxMDg3MTcy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701087173%3At%3AJojoy%20-%20Free%20Download%20MOD%20APK%20Games%20%26%20Apps%20for%20Android&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/88487890/1?wmode=7&page-url=https%3A%2F%2Fpt.jojoy.io%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A20367%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A430776541035%3Ahid%3A747484444%3Az%3A60%3Ai%3A20231127131252%3Aet%3A1701087173%3Ac%3A1%3Arn%3A771626331%3Arqn%3A1%3Au%3A170108717339991639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C17%2C19961%2C434%2C%2C0%2C%2C41%2C0%2C%2C%2C%2C20623%3Aco%3A0%3Acpf%3A1%3Ans%3A1701087151934%3Agi%3AR0ExLjEuMjA3NTM1ODg4NS4xNzAxMDg3MTcy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701087173%3At%3AJojoy%20-%20Free%20Download%20MOD%20APK%20Games%20%26%20Apps%20for%20Android&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1

Request Chain 95

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWSHxMDfMnaaz6aw9FJwbQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOt3qLdcquG-4Mi6KX1r9F8&google_cver=1

Request Chain 97

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQzNjAxNDA1NjkzOTA1ODM3Mw%3D%3D

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

127 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pt.jojoy.io/ 686 KB
151 KB 20057ms
19961ms Document
text/html 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 84d42abffac688d78da37b59281944acc73f799909bfead3d70cdb5983f8ce70

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=14400, s-maxage=14400
cf-cache-status: MISS
cf-ray: 82ca47ac3e9d2c37-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 27 Nov 2023 12:12:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soJNw5E69jOtWhjAg3iNa%2BiqRLNsUQesZvCXicmS8e%2FHjANgfpKxf147qPaQXKmVChoExbRdT8L1mfd96laYRzQH5%2BHTfOqo90vVKizDKjv7WYSGo72C5pO4Oli4YVcgtkkOO8yNtZJG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 etpnoauid.min.js Show response
1558334541.rsc.cdn77.org/nfs/20221104/ 159 KB
48 KB 36ms
6ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1558334541.rsc.cdn77.org/nfs/20221104/etpnoauid.min.js
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7fc3a1a7614e68c095ed0511980df26a21427ed1a898ca67023e368365b15c17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: gzip
x-age-lb: 1015472
x-amz-request-id: VY9B5Z7BW9VEG07C
x-77-cache: HIT
x-accel-date: 1700071700
x-amz-id-2: NG8AeJNsWVONgBwuNsIwtoL/XvQZtHJKRBfdyrYui3JijpJ1grdKOsgGvGJw1nIfScyLIXFe/5c=
x-77-nzt: EQwBnJIhiAH3sH4PAA
x-accel-expires: @1701108500
x-77-age: 1015472
x-cache-lb: HIT
last-modified: Fri, 04 Nov 2022 09:45:46 GMT
server: CDN77-Turbo
etag: W/"9bd9eed7dba29fd058a244c768ce84bf"
x-77-nzt-ray: f6587a1d64702bf8c4876465c8be100e
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 153ms
130ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d51cc26647d74c56e338fdf38628e59e8fadbf326c6f01405f62747e6348a777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30332
x-xss-protection: 0
server: cafe
etag: 138 / 19688 / 31079695 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:12:52 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 156ms
109ms Script
application/javascript 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCUPEBRC77U26HDI23BG&lib=ttq
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8717067bbb1fe0aac07273b800501d0cfb8f2463db1686e7148379dbb34310bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: f80ca750.1e007e3d
date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 93,23.37.226.95
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=7, inner; dur=4
content-length: 1876
pragma: no-cache
server: nginx
x-tt-logid: 202311271212524D8E1C99750E12FFF523
x-cache-remote: TCP_MISS from a23-48-100-41.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.48.100.41
x-tt-trace-host: 01071338e576d3120912a2d25762897a4e2ae9e35b996512339ade9456a647bf1691d3e097b2d79bd888f55cb7d36fff59a68d8c20760c6dff009074ed11139007d28fe86dbd602396b1d8e187af19e9ccdbfdd2c7ee64df1cb84c322e55781c4466a89076bb3016ce0af3d051db630a9c
expires: Mon, 27 Nov 2023 12:12:52 GMT

POST
H2 200 web
etpweb.jojoy.io/event/report/ 0
0 644ms
634ms Ping
application/json 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://etpweb.jojoy.io/event/report/web
Requested by: Host: 1558334541.rsc.cdn77.org
URL: https://1558334541.rsc.cdn77.org/nfs/20221104/etpnoauid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pt.jojoy.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 jojoy-icon.png
pt.jojoy.io/static/img/ 3 KB
3 KB 622ms
622ms Image
image/png 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.jojoy.io/static/img/jojoy-icon.png
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9782c9035a30b966ad1bbfbade6f0265fe05c4a3540c3506faa5956f70f814ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c0b-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19rsNzdEMALB%2F%2F%2ByVMMhx6ZpbARWiDQQ1SyPTj9mRNus8rumEh5PRFXrqITx18iROz1JCLqDi3vHp%2FzoWKwNburiMUfk2SQIFTMUhSfhW75N7qQrn1ZRu7DbzJvlGYMdFHyO96XrXB9e"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, s-maxage=14400
accept-ranges: bytes
cf-ray: 82ca482ad8222c37-FRA
content-length: 3083

GET
H2 200 ic-apicon-trans@3x.png
pt.jojoy.io/static/img/ 1 KB
1 KB 623ms
623ms Image
image/png 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.jojoy.io/static/img/ic-apicon-trans@3x.png
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9f677676f89690e84f326fd4ab70c3744eca725181c31c3026df78783a1bc321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"491-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wep1d3cCwktLM%2BljB%2BKm24A%2FYeZun5bigfVpgNCqXvi5uFZBjvQa2EVIEZrz9UGUCICBCl%2FI4j4bDBKectke0ejMImgph7JR%2FvuzSvqasJ%2FFpukKco8qIT7%2BYSDQBpNDlQ%2FVMyNbI2Nw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, s-maxage=14400
accept-ranges: bytes
cf-ray: 82ca482ad8232c37-FRA
content-length: 1169

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 41ms
20ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.jojoy.io/
Origin: https://pt.jojoy.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:27:54 GMT
x-content-type-options: nosniff
age: 301498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30856
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 00:27:54 GMT

GET
H2 200 twitter.png
pt.jojoy.io/static/img/shareIcon/ 8 KB
9 KB 626ms
626ms Image
image/png 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.jojoy.io/static/img/shareIcon/twitter.png
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 453b46da497d344121f50bd9b9bc4eb0664c1120d36377703fdbe23cb4515985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2186-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXDP5%2BSFC9EMgANrS0t02KLn58D4O%2Br1OnAp82Qev57GoRen%2FQ%2FG9wv8xbMrBMLjaY7YZF0rhXrYi5BPT6zVFCGH7aXV2OFOPjJQhCGDdaaM8NRb6DyZY2KDQGzmv4EvnJGE0yPiWJNB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, s-maxage=14400
accept-ranges: bytes
cf-ray: 82ca482ad82f2c37-FRA
content-length: 8582

GET
H2 200 tumblr.svg
pt.jojoy.io/static/img/shareIcon/ 2 KB
1 KB 701ms
700ms Image
image/svg+xml 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.jojoy.io/static/img/shareIcon/tumblr.svg
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cdf98ed996fa74c4ffb6aa06ec2ee40ca17c502a6c1c1fbfb84e1dd9477f972e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"643-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWklQKpbuzDe3oTs1wsPDrvl9C0R7A%2F8zGTtTtotqhbFS0L7YbCEodyyTwVcoqLQB9CUQ%2F66onFYqtJ%2BPEXgHVKfTOMJZAWpgjgi%2F4%2BeYRl5t7grnLZIuAki%2F2SEzdGUjemob2o%2FrfHa"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400, s-maxage=14400
cf-ray: 82ca482ad8302c37-FRA

GET
H2 200 reddit.svg
pt.jojoy.io/static/img/shareIcon/ 3 KB
2 KB 699ms
698ms Image
image/svg+xml 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.jojoy.io/static/img/shareIcon/reddit.svg
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c4f72fc56e5e0fdc96b0326360d1f279061b37bb56a178a974e5e85b33c64d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d41-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0eEpJDZWfpzZQdNUMRRxhBOlgpIA%2FGaA7rLFxvV2BhxaMhtPK9j7yvcRPpz9x9YD27A7JPkuiBt6VSmckkJreHXHEB9EO4AdOiZ%2BObbKCMlrCxtpVuNcDcRRrmLTpnAeLS32cFKSar%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400, s-maxage=14400
cf-ray: 82ca482ad8312c37-FRA

GET
H2 200 quora.svg
pt.jojoy.io/static/img/shareIcon/ 1 KB
1 KB 621ms
621ms Image
image/svg+xml 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.jojoy.io/static/img/shareIcon/quora.svg
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0ca6c3dc8486c1758db620358bf9c2201b83cf02ec75d40760db17bc7a81bf33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5a1-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3cURmOLhGVReGGFKzJOQANzunmyjafTwHxqopHY3HEsg8m7HZi6yuM6Pu5%2Bn%2BKUOfNxX2GKW5DKtDeonWdLKR4aDy%2FlmWMbDDv6ptq7O8%2Bje6QdXqzt%2FzUhO9CbBUo%2F6pkkcTldoYAn"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400, s-maxage=14400
cf-ray: 82ca482ae8322c37-FRA

GET
H2 200 medium.svg
pt.jojoy.io/static/img/shareIcon/ 3 KB
2 KB 700ms
700ms Image
image/svg+xml 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.jojoy.io/static/img/shareIcon/medium.svg
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 67acdb19dace362ed13b91b1ba34f35b0f3a73c937262c3cf1cc50218a4b1c81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c07-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGLoAF%2FgYJAwb1GZKsxS2wyoeRrkOmuxTyj67Pb%2Bcc6DPtjYEsriD7quy1wg%2BBfPqsE6gGc7G3pNfCy34n9ey%2Fzq0Yx4PJkAppAMr4ZugTZ8qoFXiMUHcJ9hqQSORPmFDmU%2FtPxUlWe8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400, s-maxage=14400
cf-ray: 82ca482ae8332c37-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 431 KB
135 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 20:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55106
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137994
x-xss-protection: 0
server: cafe
etag: 6213585212225905441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 25 Nov 2024 20:54:26 GMT

GET
H2 200 jojoy-icon-384x216.webp
pt.jojoy.io/static/img/ 2 KB
3 KB 691ms
691ms Image
image/webp 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.jojoy.io/static/img/jojoy-icon-384x216.webp
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8a6257cf024c224974a56902c2f2f31f46fcb111cb6e94f1b5f89810f37b51fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"922-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJLv1p3UcIwg%2F4r3L50bZnEAFYF9grC7wI1QZ2UEL6rUl68hvhYJKrCgNkZ6LjUdl89Kg%2FMDTK2OWFihZNkpF6JYAPDoZsc2ERmQEIK63dDshism1eVvmL49OmVDS4RGhGibvTXEEiJU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, s-maxage=14400
accept-ranges: bytes
cf-ray: 82ca482b68d42c37-FRA
content-length: 2338

GET
H2 200 flags.png
pt.jojoy.io/static/img/ 26 KB
26 KB 647ms
647ms Image
image/png 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.jojoy.io/static/img/flags.png
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f9d15757f2a9f00eac64207b3e4042a4c791e8116dcc8e0ab9aa9fdb3a86dab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6603-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0L1eBz8sw4x1QPnJiRbcHLkwub1xX7tQMPb90rDS0jsWrgOYA5ZnadgJofonN4eB8kwzYaUUtViQmRvs5VdtzdCtCSEZTyb%2FBeCSfNtu%2B2u5QSFaFWukBR18f9H0Lvvu4xpcvJlJTLGY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, s-maxage=14400
accept-ranges: bytes
cf-ray: 82ca482b68d82c37-FRA
content-length: 26115

GET
H2 200 doodoo-banner.webp
pt.jojoy.io/static/img/ 23 KB
23 KB 647ms
647ms Image
image/webp 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.jojoy.io/static/img/doodoo-banner.webp
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4991714f172a661f71dc1ebb05fd7b5ac4d4cbe9f0bc41b12a3170165f1745ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5a94-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbK4aXSsKQyymCvdu7QzuerRydhhvgT0q8dfXbKESjQeCymSVzjqqFl5bYFR2l1NGSLN1JpqEaGkil28WJVjZEGEz8GeGppipYGRrZwLEUmMLWBCddTROtQRd1Mmwq1UZJ4KveJw37bW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, s-maxage=14400
accept-ranges: bytes
cf-ray: 82ca482b78e72c37-FRA
content-length: 23188

GET
H2 200 answerai-banner.webp
pt.jojoy.io/static/img/ 49 KB
49 KB 815ms
815ms Image
image/webp 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.jojoy.io/static/img/answerai-banner.webp
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5ffac4e454b21ca0a405b46201669533f46567e18598f0fef746fc04871af41e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c278-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caTqy6SO9iDw6BsBs3y5F7m9pYH1gUn1qNlEE9uJw9cAC4uIg2ydHmtrhwv6x7j1TLLPHavgAF3jXkkXKnH3PZr8u3K4M4NYc2t3RFv9QGi3JY2mNMYVSH%2FFYXG92Rb1KtC219RiPhw1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, s-maxage=14400
accept-ranges: bytes
cf-ray: 82ca482b78e92c37-FRA
content-length: 49784

GET
H2 200 img-feature-entry@3x.webp
pt.jojoy.io/static/img/ 286 KB
287 KB 901ms
901ms Image
image/webp 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.jojoy.io/static/img/img-feature-entry@3x.webp
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 622bb69f0e0fe89e07361f63f220ee72439711e86297260160335fdaa6e8696d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"478a0-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4taXjeCmARhpL8OmetHe2MvWUw%2F2aazOrq%2F3YzUUHlJ7Tzqz%2FL7tnOifc%2FWG%2FY1gGXVMZcswYKZ8fa5ME%2Bw%2B8NPOtAQgHbRt%2FbDJvgU06QvXiJhDwmjNza%2FpP3h2MckYPGpdpNzUiP0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=14400, s-maxage=14400
accept-ranges: bytes
cf-ray: 82ca482b88f32c37-FRA
content-length: 293024

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 424ms
424ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1516950419750613&correlator=3525226533862605&eid=31079660%2C31079667%2C31079672%2C31079695%2C44780988%2C31079527%2C31079576&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&iu_parts=51912183%3A22790316079%2Cjojoy.io_1216_rt_banner_320x50%2Cjojoy.io_1216_rt_320x50_anchor&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=320x50%2C1x1&ifi=1&sfv=1-0-40&ists=1&fas=0%2C1&sc=1&cookie_enabled=1&abxe=1&dt=1701087172430&lmt=1701087172&adxs=255%2C-9&adys=100%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpt.jojoy.io%2F&vis=1&psz=1090x50%7C0x-1&msz=1090x50%7C0x-1&fws=0%2C2&ohw=0%2C0&ga_vid=2075358885.1701087172&ga_sid=1701087172&ga_hid=110518018&ga_fc=false&dlt=1701087171993&idt=420&adks=1397100714%2C3691850079&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64dcf1038e4e245582dd4fde1d779a9f74334f21912bd874fa55d95b032f104f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11235
x-xss-protection: 0
google-lineitem-id: -1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pt.jojoy.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 277 KB
85 KB 861ms
861ms Fetch
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1516950419750613&correlator=3525226533862605&eid=31079660%2C31079667%2C31079672%2C31079695%2C44780988%2C31079527%2C31079576&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fifs&iu_parts=51912183%3A22790316079%2Cjojoy.io_1216_rt_banner_300x250%2Cjojoy.io_1216_rt_320x480&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C1x1&ifi=3&sfv=1-0-40&ists=1&fas=0%2C8&sc=1&cookie_enabled=1&abxe=1&dt=1701087172436&lmt=1701087172&adxs=650%2C-9&adys=710%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpt.jojoy.io%2F&vis=1&psz=1600x250%7C0x-1&msz=300x250%7C0x-1&fws=0%2C2&ohw=0%2C0&ga_vid=2075358885.1701087172&ga_sid=1701087172&ga_hid=110518018&ga_fc=false&dlt=1701087171993&idt=420&adks=3261659983%2C2184137140&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e682d27de48f7ab183cf54a2e505bda47f07026656f218c79cdf6682c1332b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87165
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pt.jojoy.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0CB6 6 KB
3 KB 76ms
40ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.jojoy.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:12:52 GMT
expires: Tue, 26 Nov 2024 12:12:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ 39 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl_page_level_ads.js?cb=31079695

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33f40ab939ca2d48b1aae408ad1a69c0d758f0d8cccf8fab6d78ec5a8524f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2164
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13749
x-xss-protection: 0
server: cafe
etag: 15176684494565588641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 26 Nov 2024 11:36:48 GMT

GET
DATA 200
OK truncated
/ 28 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43745c43ac57a8cb73639d8773eb46fb6401618d55afec5324746e0f93fe8d18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 52ms
31ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K1JQDTLMBD

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c692935b053e4db6e07dc094e894db98d764ce40ce585193a96d8915e85ae932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91427
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 12:12:52 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 200 KB
70 KB 217ms
110ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c3d606568f389989dd02561ca2b0d20d29eeb477ed633a690a518879748f487a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 24 Nov 2023 08:37:03 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "656060af-113c3"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70595
expires: Mon, 27 Nov 2023 13:12:52 GMT

GET
H/1.1 200
OK 63104 Show response
ou.samogonmarvy.com/1clkn/ 6 B
1 KB 173ms
22ms Script
application/javascript 142.91.159.80
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://ou.samogonmarvy.com/1clkn/63104

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

142.91.159.80 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 12:12:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
62 KB 41ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MXZ42NC

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4f42e91495ef14885798347a4dc1bccd8598dc51a7404f524f7d6161b327338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 63540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 12:12:52 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 102 B
104 B 56ms
42ms Fetch
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pt.jojoy.io%2F

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c151912c5cc34d3bb299ea73b95b532a00d8715e47e32aadd01e688bc9e7dab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
x-xss-protection: 0
expires: Mon, 27 Nov 2023 12:12:52 GMT

GET
H2 200 records Show response
api-ad-admin.jojoy.io/ 333 B
523 B 681ms
216ms XHR
application/json 54.207.134.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-ad-admin.jojoy.io/records?app=1
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.207.134.111 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-207-134-111.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: 25eb6d5af2bf0bc52762791ec699f0b0465f8ce86b8b167d4889312e1bef6cff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Nov 2023 12:12:53 GMT
cache-control: max-age=7200
access-control-allow-headers: *
content-length: 333
access-control-allow-methods: GET,POST,PUT,DELETE
content-type: application/json; charset=utf-8

GET
H2 200 main.MTdjYzNiZDU2MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 417 KB
109 KB 9ms
9ms Script
application/javascript 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCUPEBRC77U26HDI23BG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 1e007e6f
date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073137B297707C3A488AEA0500
vary: Accept-Encoding
x-cache: TCP_HIT from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017b7a2c5159093af14b0cfec3af5091960a49893817a8590171823b34b023da2fe2bdf94705a19d3899de58cb9ef7aaadf519c91197cf1f5bc90b67450767ba490c56782d8998f378c512e9d588289842f5ec8e4019a1d11de790e5516b2919ef
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=4
content-length: 110621

GET
H2 206 adblock-plus.mp4
pt.jojoy.io/static/video/ 173 KB
173 KB 881ms
881ms Media
video/mp4 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.jojoy.io/static/video/adblock-plus.mp4
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 203109034eeb27d4fb79fd6122dfb38f99876683c2dc0b3410462a26a71c037b

Request headers

Referer: https://pt.jojoy.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 17 Oct 2023 17:23:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2b244-18b3eaa0238"
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjC1HS3DZAgSVqteWSdcJw2EnuqKROZRhkjXF3JgBPoffP42MFo0ObfvDRZksxMJJ7Li7%2FIP42TmQIZbsWWfmf8LmmfZ74ScU3T6ucCASeqPNz%2FobZ1%2BNVfxlc193nyFJLVJrfAGUcJu"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-176707/176708
cache-control: public, max-age=14400, s-maxage=14400
cf-ray: 82ca482be96f2c37-FRA
Content-Length: 176708

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 67ms
52ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://pt.jojoy.io/
Origin: https://pt.jojoy.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 82ca482c0ca8193c-FRA

GET
H2

200

358250275375644672
jojoy-app-files.acelitchi.com/com.kitkagames.fallbuddies/
Redirect Chain

https://jojoy-app-files.ezjojoy.com/com.kitkagames.fallbuddies/358250275375644672
https://jojoy-app-files.acelitchi.com/com.kitkagames.fallbuddies/358250275375644672

43 KB
44 KB

69ms
30ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jojoy-app-files.acelitchi.com/com.kitkagames.fallbuddies/358250275375644672
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0742124a7f846501b44e02130f2d605e9f9142d4373b2d002a73b214b8adeb4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GGZZNYV000H86D6T
age: 1504029
x-cache: HIT
x-77-cache: HIT
x-age: 926588
alt-svc: h3=":443"; ma=86400
content-length: 43772
x-amz-id-2: I8g15foczYby9rYpwPUyFN9/tockOZDCWsZVEBGmpaoMhtKD33sJ87sklwiK+rznL46EP9hFUFtHlaxwpK1DjA==
x-77-nzt: Abk73BBcydH/fCMOAA
last-modified: Thu, 15 Sep 2022 13:58:48 GMT
server: cloudflare
etag: "e6291f350a789c975a3203fb2bac86ad"
x-77-nzt-ray: 90833930757839ca8e55c663de640817
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixhND5TUTHeoEeSXjObqniDOmk4%2F9qSu8LWv%2FVGLGIzC5MI55AV6XtDJ%2FqR0HrvvIcNdNuoIhYEaC8boB0Z4qta7XJPqIXpF%2BTJo3takmAcOiDZqPrdEcTUcB9P%2BXwZJjPJ0s%2Bal%2FK%2F8ertool4G%2BYnaZFs0MRGIt9ctOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82ca48305fb5373c-FRA

Redirect headers

location: https://jojoy-app-files.acelitchi.com:443/com.kitkagames.fallbuddies/358250275375644672
date: Mon, 27 Nov 2023 12:12:53 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2

200

icon_de844a.png
cdn.topmongo.com/packages/com.kitkagames.fallbuddies/
Redirect Chain

https://cdn.ezjojoy.com/packages/com.kitkagames.fallbuddies/icon_de844a.png
https://upy.happymod.cool/packages/com.kitkagames.fallbuddies/icon_de844a.png
https://cdn.topmongo.com/packages/com.kitkagames.fallbuddies/icon_de844a.png

53 KB
54 KB

58ms
17ms

Image
image/png

2a02:6ea0:c700::21
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.topmongo.com/packages/com.kitkagames.fallbuddies/icon_de844a.png
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: de844ab516b84b9d73e284ee9fb5bacdb73992eb959a67c2c0b8412fa3e223f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 27 Nov 2023 12:12:53 GMT
x-age-lb: 6965
x-amz-request-id: tx000003a50681a008424a0-0065642395-2730a77-prg
x-77-cache: HIT
x-accel-date: 1701080208
content-length: 54726
x-77-nzt: A9RmOLE3Nzf/NRsAANRmOAk3Nzf/+0gAAFm7vKlscqAA
x-accel-expires: @1702098325
x-77-age: 25648
x-cache-lb: HIT
last-modified: Mon, 28 Aug 2023 08:34:41 GMT
server: CDN77-Turbo
etag: "285078620c9503945a98466a7d558d60"
x-77-nzt-ray: 1cb09c0eee503b64c5876465b1d6fd2f
content-type: image/png
x-rgw-object-type: Normal
accept-ranges: bytes

Redirect headers

date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dudoiLnuzlnNPTabYFdzTgCyCN88SlOBtqNFEwIju2kFX8%2BGbyh2DuN0hpo7EhvVIg3CqF%2F%2FpsWuyWf1NEt0vQXff0ObxlqgkQHHn%2FG2wa0kIgGnyNe94ETyDr9WBJJUexsMuOarE%2BimUeCyD3WLAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://cdn.topmongo.com/packages/com.kitkagames.fallbuddies/icon_de844a.png
x-envoy-upstream-service-time: 2
cf-ray: 82ca48302aa09b88-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/1pHSVWJQklc/ 167 KB
168 KB 62ms
19ms Image
image/jpeg 2a00:1450:4001:82b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/1pHSVWJQklc/maxresdefault.jpg

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003984ded3f919033ee5890d542d3fb8c6974709144e83ced22738ad95a4a1d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:38:50 GMT
x-content-type-options: nosniff
age: 5642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171203
x-xss-protection: 0
server: sffe
etag: "1657529680"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 27 Nov 2023 12:38:50 GMT

GET
H2

200

icon_9a3ca6.png
cdn.topmongo.com/packages/com.kiloo.subwaysurf/
Redirect Chain

https://cdn.ezjojoy.com/packages/com.kiloo.subwaysurf/icon_9a3ca6.png
https://upy.happymod.cool/packages/com.kiloo.subwaysurf/icon_9a3ca6.png
https://cdn.topmongo.com/packages/com.kiloo.subwaysurf/icon_9a3ca6.png

48 KB
48 KB

48ms
6ms

Image
image/png

2a02:6ea0:c700::21
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.topmongo.com/packages/com.kiloo.subwaysurf/icon_9a3ca6.png
Requested by: Host: pt.jojoy.io
URL: https://pt.jojoy.io/
Protocol: H2
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9a3ca67645c2357a06ff7a6acc2dfe01e2c07de8938c4176fc6e7c057fda77e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 27 Nov 2023 12:12:53 GMT
x-age-lb: 6748
x-amz-request-id: tx00000e5aab4003d77c5b6-0065642898-2bae485-prg
x-77-cache: HIT
x-accel-date: 1701080425
content-length: 48820
x-77-nzt: A9RmOLE3Nzf/XBoAANRmOAk3Nzf/0UQAAG09Wg4GPP4A
x-accel-expires: @1702099608
x-77-age: 24365
x-cache-lb: HIT
last-modified: Mon, 28 Aug 2023 07:54:30 GMT
server: CDN77-Turbo
etag: "345cb8f9cbe676853f55f33589f5a2df"
x-77-nzt-ray: 1cb09c0eee503b64c5876465769cf02f
content-type: image/png
x-rgw-object-type: Normal
accept-ranges: bytes

Redirect headers

date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxHqG00G57ivoNg01tmQGf2UCru%2BhhkYRpoLgDMWJjwobN57gkG3VUjHkXF8r%2FK%2FQAWJ7TV5oOpzX2gJhN480CjxHdlQXxW8U0Cjkx3qtfLb8hnXzFW2TJKEXLPzuTqnjwE73vvyvsXDdF3p8M%2BwmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://cdn.topmongo.com/packages/com.kiloo.subwaysurf/icon_9a3ca6.png
x-envoy-upstream-service-time: 0
cf-ray: 82ca48302aa29b88-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 11ms
11ms Script
application/javascript 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 1e007e80
date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073151111B4CD2494DDFE40889
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0131c97ea717a60ce12e0afbc3a7bdfd84e0febdc4bbf76925d5d2e827ddf526efbe7d128163601627f3d755fceb63a69555dbc2469a99b3d480a2de5af23bb3288cf2446109049910b8b4a19bd31df3c04b28d8d95a3e382fba269ba19f633569
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
content-length: 36049

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
789 B 140ms
139ms Ping
text/plain 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pt.jojoy.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: f80cacb2.1e007e89
date: Mon, 27 Nov 2023 12:12:52 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 125,23.37.226.95
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=40, inner; dur=38
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202311271212524D8E1C99750E12FFF53F
x-cache-remote: TCP_MISS from a23-48-100-41.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,23.48.100.41
x-tt-trace-host: 01071338e576d3120912a2d25762897a4e2ae9e35b996512339ade9456a647bf1691d3e097b2d79bd888f55cb7d36fff59a68d8c20760c6dff009074ed111390075d6193f52a00024262d5aff0f3dd953a7dc217896249901802b2a8b79cd090c168685cf8a8b0e4c02792a80871408e6b
access-control-allow-headers: Authorization,*
expires: Mon, 27 Nov 2023 12:12:52 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 34ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K1JQDTLMBD&gtm=45je3b81v880828155z8871123441&_p=1701087172448&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2075358885.1701087172&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701087172&sct=1&seg=0&dl=https%3A%2F%2Fpt.jojoy.io%2F&dt=Jojoy%20-%20Free%20Download%20MOD%20APK%20Games%20%26%20Apps%20for%20Android&en=page_view&_fv=1&_ss=1&tfd=20645
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K1JQDTLMBD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pt.jojoy.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-237085958-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K1JQDTLMBD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70d57e656b8622fad4061d8844dcc1cd6a2d0c5d692e8ed8b9f11b37969f72f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68761
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 12:12:52 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K1JQDTLMBD&gtm=45je3b81v880828155&_p=1701087172448&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2075358885.1701087172&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1701087172&sct=1&seg=1&dl=https%3A%2F%2Fpt.jojoy.io%2F&dt=Jojoy%20-%20Free%20Download%20MOD%20APK%20Games%20%26%20Apps%20for%20Android&en=page_view&_ee=1&_et=2&tfd=20650
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K1JQDTLMBD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pt.jojoy.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-470YMXWLKF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237085958-4&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ee2d13c8d7a812c65923e28ae8e7be68e0566d9d158661d542a4905d6c10ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81005
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 12:12:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237085958-4&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1394
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 27 Nov 2023 13:49:38 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=110518018&t=pageview&_s=1&dl=https%3A%2F%2Fpt.jojoy.io%2F&ul=en-us&de=UTF-8&dt=Jojoy%20-%20Free%20Download%20MOD%20APK%20Games%20%26%20Apps%20for%20Android&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1840315005&gjid=1251584030&cid=2075358885.1701087172&tid=UA-237085958-4&_gid=647705961.1701087173&_r=1&gtm=457e3b81z8880828155&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=816969706

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pt.jojoy.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pt.jojoy.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-470YMXWLKF&gtm=45je3b81v9119023000&_p=1701087172448&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2075358885.1701087172&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701087172&sct=1&seg=0&dl=https%3A%2F%2Fpt.jojoy.io%2F&dt=Jojoy%20-%20Free%20Download%20MOD%20APK%20Games%20%26%20Apps%20for%20Android&en=page_view&_fv=1&_ss=1&tfd=20743
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-470YMXWLKF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pt.jojoy.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10200.pYSe-jSVO0dm-EDV2OpkyfuN3r1s2ic8GUtn3cnOd26nM7_E3pF0yIWyVTPcrI4T.UURQgYY2gpUecWGw9CFeq-CxL_E%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10200.Ya84fAEj8Zb8YxmNBxH1o7dqBLD4oaJPCBreVhZJV58yXFGuD4VC3rGuEQkn47AmoyVsbf-OF-tZTnQoCXeZ699jp5K20_2aejiXqJ0xVI1IgRybS7efWwiQCRCBH7BpTvSNOuX0rc...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10200.Ls3L3d5-MjbRE5--5BL6Yd66vqy3dz2jpJIO7Pbx8_VjC5QY6hv2VFTm6-Nf7kFj73ZpxiNUx9HGnT9TQO5TJ4FxW2n1YRrLILm7OPEEpxdZu...

43 B
582 B

55ms
51ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10200.Ls3L3d5-MjbRE5--5BL6Yd66vqy3dz2jpJIO7Pbx8_VjC5QY6hv2VFTm6-Nf7kFj73ZpxiNUx9HGnT9TQO5TJ4FxW2n1YRrLILm7OPEEpxdZudImcrCXjmy6mIFdAB7yVHiFaPZENwyUImkSJvu8yvrdKqfjwfC4wlUAga7nppVWdMT7_dyk9CFy-ZyipDOvCyca433O5JiEPBLPNs4Lgg%2C%2C.txc7SAJ6HuSSdZer7bn7smOIiUk%2C

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10200.Ls3L3d5-MjbRE5--5BL6Yd66vqy3dz2jpJIO7Pbx8_VjC5QY6hv2VFTm6-Nf7kFj73ZpxiNUx9HGnT9TQO5TJ4FxW2n1YRrLILm7OPEEpxdZudImcrCXjmy6mIFdAB7yVHiFaPZENwyUImkSJvu8yvrdKqfjwfC4wlUAga7nppVWdMT7_dyk9CFy-ZyipDOvCyca433O5JiEPBLPNs4Lgg%2C%2C.txc7SAJ6HuSSdZer7bn7smOIiUk%2C
date: Mon, 27 Nov 2023 12:12:52 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
473 B 101ms
100ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 24 Nov 2023 08:37:03 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "656060af-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 27 Nov 2023 13:12:52 GMT

GET
H2 200 container.html Show response
4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 406A 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.jojoy.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:12:52 GMT
expires: Tue, 26 Nov 2024 12:12:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D746 624 B
825 B 72ms
46ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGOLxlIABMAE&v=APEucNXphju-6hvZpVThA_rDQ50XSA_cgv6U_r5g6AlHyBkfZPktU8tXVdFWwuW8Yc6-35Zy8l5qGwu1xqxWczxEkl11kLRGCNVRhNttbZVGVocDvDm_eMQTHArDFh5-ddf2szUzOk1IJagq9NeXUhE4Uk1eL5ObNE8rwnt8WNWANjMPqHijXm0

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:12:52 GMT
expires: Mon, 27 Nov 2023 12:12:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 406A 89 KB
31 KB 164ms
137ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:12:53 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 406A 42 B
401 B 68ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C8br0XFsBoTd-7lPVZAXnyHIDm5FU7n4HVIRu7Y5SxRCwYYxqqatM17I2XDr7s3G7DjD2g2tmV4kxvGggBTYqWenWEjsS4mCPaR8Y8AbalGuWf_gE

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 406A 0
58 B 68ms
42ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=743111323498223214&x=1&ct=77

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 406A 25 KB
10 KB 37ms
19ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19894
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYV204gCybIgPQI1HmRdL5EK8iw2IRGBJXdbKXFjH7VSYUmTVdIt9zxYCae5DK7dtX4d4QzWT9P5L2mXkFiWqH6Aai40hYga03EZAteSvCPsbP%2FR9x23XzL9m9xM25Wv3jgWe%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 82ca482ebe871c9d-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 Nov 2023 06:41:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 406A 3 KB
1 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 09:52:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 406A 20 KB
9 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 406A 202 KB
64 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:12:52 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D746
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1

43 B
776 B

24ms
24ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGOLxlIABMAE&v=APEucNXphju-6hvZpVThA_rDQ50XSA_cgv6U_r5g6AlHyBkfZPktU8tXVdFWwuW8Yc6-35Zy8l5qGwu1xqxWczxEkl11kLRGCNVRhNttbZVGVocDvDm_eMQTHArDFh5-ddf2szUzOk1IJagq9NeXUhE4Uk1eL5ObNE8rwnt8WNWANjMPqHijXm0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry8ORGXH%2BA4wlvbg4my6yD5sVr3TE5%2BDrJsb9CUGzaq%2B6sTZVRz7SqDjBRoub58I95cMcIWDGPHPINFPrkrsnQUrnJXP%2BopLQ%2FuNHKS%2FLD4lP8Xm8q6uhzXqWxLWNUciH0PQNHlR%2BCpoeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82ca482f5b422c52-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D746
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWSHxMDfMnaaz6aw9FJwbQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1

43 B
731 B

21ms
21ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGOLxlIABMAE&v=APEucNXphju-6hvZpVThA_rDQ50XSA_cgv6U_r5g6AlHyBkfZPktU8tXVdFWwuW8Yc6-35Zy8l5qGwu1xqxWczxEkl11kLRGCNVRhNttbZVGVocDvDm_eMQTHArDFh5-ddf2szUzOk1IJagq9NeXUhE4Uk1eL5ObNE8rwnt8WNWANjMPqHijXm0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hchm8xkIjVP1%2FOJbjSKGio4PF9vgzR7bR3EdTdjDp9ZUP31%2FLd6bd5ov2NanDvguUCzI0A5KJxitjzwXhtNKVc2V4q2bKBAMai9np6BmzYKSAum5frN65bsOW9uGL4tO9KZWKSgOpm93qw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82ca482f8b792c52-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame D746
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOt3qLdcquG-4Mi6KX1r9F8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOt3qLdcquG-4Mi6KX1r9F8%26google_cver%3D1

43 B
896 B

13ms
13ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOt3qLdcquG-4Mi6KX1r9F8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGOLxlIABMAE&v=APEucNXphju-6hvZpVThA_rDQ50XSA_cgv6U_r5g6AlHyBkfZPktU8tXVdFWwuW8Yc6-35Zy8l5qGwu1xqxWczxEkl11kLRGCNVRhNttbZVGVocDvDm_eMQTHArDFh5-ddf2szUzOk1IJagq9NeXUhE4Uk1eL5ObNE8rwnt8WNWANjMPqHijXm0

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
an-x-request-uuid: b57c0c1b-cf8e-4702-a8b6-1c68904c8a20
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.132; 138.199.38.132; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
an-x-request-uuid: 66a2ecad-861e-47e4-8ec6-e8e8e7a5b7fa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOt3qLdcquG-4Mi6KX1r9F8%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D746
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5ODAzNTExOTkzMDAyNA%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5ODAzNTExOTkzMDAyNA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
an-x-request-uuid: d0f11b40-53b8-48b8-a664-467468512eb7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjczMTE5ODAzNTExOTkzMDAyNA%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/88487890/
Redirect Chain

https://mc.yandex.com/watch/88487890?wmode=7&page-url=https%3A%2F%2Fpt.jojoy.io%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A20367%3Afu%3A0%3Aen%3Autf-...
https://mc.yandex.com/watch/88487890/1?wmode=7&page-url=https%3A%2F%2Fpt.jojoy.io%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A20367%3Afu%3A0%3Aen%3Aut...

420 B
583 B

54ms
54ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/88487890/1?wmode=7&page-url=https%3A%2F%2Fpt.jojoy.io%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A20367%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A430776541035%3Ahid%3A747484444%3Az%3A60%3Ai%3A20231127131252%3Aet%3A1701087173%3Ac%3A1%3Arn%3A771626331%3Arqn%3A1%3Au%3A170108717339991639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C17%2C19961%2C434%2C%2C0%2C%2C41%2C0%2C%2C%2C%2C20623%3Aco%3A0%3Acpf%3A1%3Ans%3A1701087151934%3Agi%3AR0ExLjEuMjA3NTM1ODg4NS4xNzAxMDg3MTcy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701087173%3At%3AJojoy%20-%20Free%20Download%20MOD%20APK%20Games%20%26%20Apps%20for%20Android&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f81b64085ef29f399fb168df277b79723b3722d4dd0a31fe262704c334ad7d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 27-Nov-2023 12:12:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pt.jojoy.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Mon, 27-Nov-2023 12:12:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:52 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 27-Nov-2023 12:12:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/88487890/1?wmode=7&page-url=https%3A%2F%2Fpt.jojoy.io%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A20367%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1170%3Acn%3A1%3Adp%3A0%3Als%3A430776541035%3Ahid%3A747484444%3Az%3A60%3Ai%3A20231127131252%3Aet%3A1701087173%3Ac%3A1%3Arn%3A771626331%3Arqn%3A1%3Au%3A170108717339991639%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C17%2C19961%2C434%2C%2C0%2C%2C41%2C0%2C%2C%2C%2C20623%3Aco%3A0%3Acpf%3A1%3Ans%3A1701087151934%3Agi%3AR0ExLjEuMjA3NTM1ODg4NS4xNzAxMDg3MTcy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1701087173%3At%3AJojoy%20-%20Free%20Download%20MOD%20APK%20Games%20%26%20Apps%20for%20Android&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://pt.jojoy.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 27-Nov-2023 12:12:52 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 406A 0
56 B 41ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6516985338160&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 406A 0
56 B 41ms
41ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6516985338160&version=m202309260101&ct=77&x=1&cor=743111323498223200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 406A 34 KB
20 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxYwMCODc-ioLAhi4KrA_RYOJ54Im-0uQPajLkux0KhfyRwozjbGMoG_6fvK-0zd6vwOlbuy30SewCayxB2-BDxa2jDJ3EwoQoZwH1j6aD9N3TgDC0FtQM2dX2xNKioANAU1UyN0kmrhzvHP7MbbiFxqmsD0MujjcI11Ck8SFpvMySCdg&cry=1&dbm_d=AKAmf-CkKlu2xCYsXlBjfG_neKgFDVKKji0lwUNNVO7mMcRsCHqtw7xNaRumhSD_W2hvT_h81V9UuAufPX86WoObG2cWkmXytC4nQtImVwB5mIfceAMaq3WLqzBuF346_-RI0a3ghY03hT7UX2ZNWo-cTGn7OeTknvZAlXwd7rv7xkv67qhx13MJWhtx9J4684jREyHyUo4NZTm53QmIBGH9VX6N5hUrMmGl7nlpDdCrBZ9cBAWGU1zxURTDt8ZoDSsT_0EgUZikGJ8m7w6evTl1sn9OysR7fc-7qbWl9eXFcA4V6_nE5MIz9tidMyBGU5AiRibxDXJobBUmWiJdXBziWKHu9t_H6K-W6J-c2hIQpVf96oH7ovAaAPsUPbxUbXwrloYOCZSOOslfv8QqJP1pjEE93riqn9vc4JjprKjZFcoMEcBj5g2X5bTFUUmXHvRoxRgPCYk1Pqrpb0-D1VUeBvl-WIysjwcPfRHpwOILZ3Rczh9EFmzqLa5WJ4gWOMxJh3-iHoEAvELmy7JnTIDznoKwrpytAJTrfQBbuk99_G5ua6dawGtFLXBx-RaW2COl6cHYIVOvjraECSKlq03Wpyt8_PhffBNYhiXn8QokYN7amsM2Zl6_z4CHQYmPkz5q3s4kp9gcbnSbiUrAVgAk-VLCClqoePpKb3uNQGO85CviD05zBLdUtrNADq__6mwpp0b5bN3-movMDX_wH7xyA2F3e-mZRKAzwsiZabjTTXjUiuDEep4MUa8vGhv_VVFgqMBK-RAOh_KS380kaS2tp9MnRsaFI0H6hZc6Oce5MIlEXpsVA4m9IPrIZt3Rj6fxspSxvVFanuaJVcEVJFtqTx7spmhnIOEcN81gwnF0W6m71NTt3CTYQ-WpYF66z1E7CYud6ITz6UmoGvce5U2yfUKB0P67DSNeXXE9iqvet6SLB89XWAburOUQ3temz11mNHN7qUYAqimudPuGZN2elbJiv_6ZZj9jF51QFtA2K2lS8iSdB93VXXMA1L0MQKtgiQHATG7oeZMdQvYelp7YBepc9Rtm-3BM98YF7Xk1QWvE9n2vdtCuM66BnyV4dsw66aMx1l1CgxMuapvd0QS_lD2GLr3TEMYl9RNqT1fQd7epyxfHeHkh_KjWgoZbsbpEUyMtvS_tZK0DHFT6jIoMoCE0R8YSo2cOh6bpH8MZ1RsAvVnZ2ArA-dxN4fCP3Q1h_vRLH_osFqlZjGI23PBavywRMzKaAETKtwFFhNoPwqXzZbYAOuq11NEzb_mCAs5LTt8UDTgN-e2zTe6F59mvI2OzSTct2GOgLcPDEI1lfYNIBAhOj3uw51bKbLigGoNtnPkQTzfRpMfbgEG5ASu5zHgVxvX3lxdz088d-lUxJjuOuSdA_RRfgnNcdl3v2M9wH3Of8UGddjun25nkIFRJ9Mba_V001wqGaXLUeRn3t3eJaO_EgPhfF7_iuLGQXvH6mrJBDODGniaL24OValU3oPYZb_Qiqvz3xcuyGGpOEmHeUInwfXLGfIczRzfmJ-PGGgYH9o7oi2Kr-bmSBCVwBT0B_gifcDhCPAJF1eVTHD7U3yVH7naQLlf0BjwT7eF_S8FJN7lVjvNzNT08pmOhHwmJ47axGZO5M0ncOwa6W1y9i7QFhWJb_VeEabQ2MWhOgbMYnxTNcBSSUjcA3HMu7XlDmjIVPPp3D7Cjww8WpZvSPA3KY3uONXNZbN9aijvdN4s72VetCORdLnRQ4Z2DfrDyb1E-GtGLEt5P7L4MVXk9orMJung2SeFgIfpPrQ_SOjzdOtpAKSHj5LJbtkDfGFUaYQeK7ILA_3R8JbxzNv88QDrChO24ZNx0XdwEhP1T8nATzkwwB6JqtDzEC91m6ajk6121vcNByf4i36FcJWwH7uGBJqjxG_WCnLCoDmmteHVZ3Df7FJ-w7BgxLrG106YN_9XFoPtnjbtn6mu2aqbYVLws3tv8CyE4_rZzR6LskmMB39N8F437ajFqB-Je_cQkGH38fYEC5ETMdcwJ8Xjanx2olw2CdJCmk3LzAiGy3wQS5lOhQS2uWsHeiIY_SSW2OUB0_oP1MWZ-X903mmr_JwL70_ad-J9FGXbC7bE1ANfEwMVHzrBVLoSgRv6Gloh-ltGktE-CwVJNfPRaPmlUZfeVz4gailOXWZZMUTCG1P1FP-tIES5IDg8eGoiWBuTeCQG3lN8SHO_Ya4VbtBdfyhuT2LWYEboJxd5sIzr_3ZEE0Kn5rhpbhMNjc9ZSRwcS91w7so62InZ-2hM3FqbCKYMefPJDrU9DfGRKTDKJECvVvpr0utJUTWlGvWlqdkd3yFjdrmREWa_dN6aKl4bTokSuskb33JZ2cJHJ9QO5IBrjy4dhQsUpFt6xJjm_uvM5fQE31IGfIi9Qa6FuwXO3PYVouzcWZTZVmbdFh9I78V54AHVGcW4bdMkMv3fGHabjGhjQfjTA6DB5GbktqzP3mRKXf96XKKwnQGY7N9IkSOVFX48iC7im8OyfUOjuFkZV7AZlPZmQ-imsmrMJqiKMLM3PVLd0CWisaDIKDWEfG8C_e2fAk1HUm63Jt5inrLcyFF0MMbslrHHE1QXYhM8Iyd3hyT3v74v9e02ZrGZZ3pttKYLMK_MbotK8y6tgcJ4aPbyTAZ9KPjpQK-TUDTgWKjkuwPk9meuqU_epvz7Dd6ryvUnWiniwuT2_Bu7pcJj9WDxd7XG5wZ0NRd7Tt8U9_NKbvPz-uvfJyujGZnj5uuWrOUDGhxuJcW6SpxgYozbkeypyF2xyf5bWGuAtHw3njvSDRuT6FMDFGJw2d4xZSwLirP4jcVnyLkriaRAiH2V0jJLnJ_tIJweZB8dyklInHdlAr7LbPNMLTBVytZ954YS3w9-xT7EaMj7XalcsAHweQ9KXd1d9qqgqBtAy2867IcMtZ5PrWYEQ2EKjPSQJt5tyhBT80BieWOUEphtSljng0J0EfT1lMZ8f4Fh_YlKUtLTgWw71hBSfVRmOg3QHhR1FBDjcHqr8VOomy8saWhcaLy6y9YMCALWG5dwMD8u9dVxBUhqzGTtL_U84SY-cmnUtafbDVNf1O-zxXwUmOGC_HivnBP-AR8A0vB6YIoAwxbEXEoSy6i3P-ULyatPGHUlDdmjnB9nhYHmUxtr2248wJ5aWvr3SW4AVNIUcLwhq7M4dAvjTGcBWk8cnEaT-S8PNxY95IVO5D2TTcGQpzTIqKF6tNXv4693c_tx03RxNh53EPB1EMipzjYExYM4IHeWhJpl_2G4bXngmd11VkjRJ4qtxdbHO7Ne364_ct_YthaJYn317i-iNmvIjGDf9hYJZ6dI9PNY0NRjaDCpxrBLDedG4-K3rjoxSZfEueoasJCiGkPdGs_Zx3BTAdJbxFx13vUbR7NFbfLBEzC8ros9a1Q6xK5pxv3KamT4JBJKhm-gYKKLZy8rv8SlpBHvfcrPFAcxjoiNJwrlk4ziI1JzFj8gFSv1J2JF2KUU8OFTVliWc2afc1-KB70hBxFz_57EXqd4wSrHK6KzpV52FRJVRtvWPxSDGkvNGu1nPIRJdUUWPRNNCAdTYUamTwu7EVCCCBs-9b5yntr4Nz-Uy0hcPebH3VePjGXe85vzBKIXe3NGN5pn91gtRSWDlYpnda8pG4TLIirevbozraWqbUD3J1BGIvmN1_9dHQEwzUKYywMtdUT5JxzPk-xqq4jakASXXzjunqTvKWJblWlBCpRFc8wb1PyeVakgrQ-wdxk0_Q7Llyd8YpadZwKwrdhKuJo5XYnpnyDcjlaMVMvUSYhbsw2L7QyQjjBSVObQvXixX3zq-La_0dbRK5w-cRDuAZBGzaFNd9gC11jCjd_Ef9_NPuKFBGg5knAv640_1yBpvnKnw8yjAty_isSbJ00kgSQdaP-Kswd8RBp7XGtZiHvhuXVeABOpJSBfDM7jyeayHgN8Dq00&cid=CAQSTgDICaaNn_Lsnu2IA7B-tuH_46DC8P9bhxVI-PlBzrHI0nsckEr4RNaVUDbtqQRwaW0068lGbue3j455xTAmpMFz3kAQAI_X_dfAQnv3_BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpt.jojoy.io%2F&ds=l&xdt=1&iif=1&cor=743111323498223200&adk=2228999115&idt=170&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcac0e9300d7e73cdd3c3d305fb34e1a6a28eb84d28453dbf5a208a8aeb9ed00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19899
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 406A 31 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxYwMCODc-ioLAhi4KrA_RYOJ54Im-0uQPajLkux0KhfyRwozjbGMoG_6fvK-0zd6vwOlbuy30SewCayxB2-BDxa2jDJ3EwoQoZwH1j6aD9N3TgDC0FtQM2dX2xNKioANAU1UyN0kmrhzvHP7MbbiFxqmsD0MujjcI11Ck8SFpvMySCdg&cry=1&dbm_d=AKAmf-CkKlu2xCYsXlBjfG_neKgFDVKKji0lwUNNVO7mMcRsCHqtw7xNaRumhSD_W2hvT_h81V9UuAufPX86WoObG2cWkmXytC4nQtImVwB5mIfceAMaq3WLqzBuF346_-RI0a3ghY03hT7UX2ZNWo-cTGn7OeTknvZAlXwd7rv7xkv67qhx13MJWhtx9J4684jREyHyUo4NZTm53QmIBGH9VX6N5hUrMmGl7nlpDdCrBZ9cBAWGU1zxURTDt8ZoDSsT_0EgUZikGJ8m7w6evTl1sn9OysR7fc-7qbWl9eXFcA4V6_nE5MIz9tidMyBGU5AiRibxDXJobBUmWiJdXBziWKHu9t_H6K-W6J-c2hIQpVf96oH7ovAaAPsUPbxUbXwrloYOCZSOOslfv8QqJP1pjEE93riqn9vc4JjprKjZFcoMEcBj5g2X5bTFUUmXHvRoxRgPCYk1Pqrpb0-D1VUeBvl-WIysjwcPfRHpwOILZ3Rczh9EFmzqLa5WJ4gWOMxJh3-iHoEAvELmy7JnTIDznoKwrpytAJTrfQBbuk99_G5ua6dawGtFLXBx-RaW2COl6cHYIVOvjraECSKlq03Wpyt8_PhffBNYhiXn8QokYN7amsM2Zl6_z4CHQYmPkz5q3s4kp9gcbnSbiUrAVgAk-VLCClqoePpKb3uNQGO85CviD05zBLdUtrNADq__6mwpp0b5bN3-movMDX_wH7xyA2F3e-mZRKAzwsiZabjTTXjUiuDEep4MUa8vGhv_VVFgqMBK-RAOh_KS380kaS2tp9MnRsaFI0H6hZc6Oce5MIlEXpsVA4m9IPrIZt3Rj6fxspSxvVFanuaJVcEVJFtqTx7spmhnIOEcN81gwnF0W6m71NTt3CTYQ-WpYF66z1E7CYud6ITz6UmoGvce5U2yfUKB0P67DSNeXXE9iqvet6SLB89XWAburOUQ3temz11mNHN7qUYAqimudPuGZN2elbJiv_6ZZj9jF51QFtA2K2lS8iSdB93VXXMA1L0MQKtgiQHATG7oeZMdQvYelp7YBepc9Rtm-3BM98YF7Xk1QWvE9n2vdtCuM66BnyV4dsw66aMx1l1CgxMuapvd0QS_lD2GLr3TEMYl9RNqT1fQd7epyxfHeHkh_KjWgoZbsbpEUyMtvS_tZK0DHFT6jIoMoCE0R8YSo2cOh6bpH8MZ1RsAvVnZ2ArA-dxN4fCP3Q1h_vRLH_osFqlZjGI23PBavywRMzKaAETKtwFFhNoPwqXzZbYAOuq11NEzb_mCAs5LTt8UDTgN-e2zTe6F59mvI2OzSTct2GOgLcPDEI1lfYNIBAhOj3uw51bKbLigGoNtnPkQTzfRpMfbgEG5ASu5zHgVxvX3lxdz088d-lUxJjuOuSdA_RRfgnNcdl3v2M9wH3Of8UGddjun25nkIFRJ9Mba_V001wqGaXLUeRn3t3eJaO_EgPhfF7_iuLGQXvH6mrJBDODGniaL24OValU3oPYZb_Qiqvz3xcuyGGpOEmHeUInwfXLGfIczRzfmJ-PGGgYH9o7oi2Kr-bmSBCVwBT0B_gifcDhCPAJF1eVTHD7U3yVH7naQLlf0BjwT7eF_S8FJN7lVjvNzNT08pmOhHwmJ47axGZO5M0ncOwa6W1y9i7QFhWJb_VeEabQ2MWhOgbMYnxTNcBSSUjcA3HMu7XlDmjIVPPp3D7Cjww8WpZvSPA3KY3uONXNZbN9aijvdN4s72VetCORdLnRQ4Z2DfrDyb1E-GtGLEt5P7L4MVXk9orMJung2SeFgIfpPrQ_SOjzdOtpAKSHj5LJbtkDfGFUaYQeK7ILA_3R8JbxzNv88QDrChO24ZNx0XdwEhP1T8nATzkwwB6JqtDzEC91m6ajk6121vcNByf4i36FcJWwH7uGBJqjxG_WCnLCoDmmteHVZ3Df7FJ-w7BgxLrG106YN_9XFoPtnjbtn6mu2aqbYVLws3tv8CyE4_rZzR6LskmMB39N8F437ajFqB-Je_cQkGH38fYEC5ETMdcwJ8Xjanx2olw2CdJCmk3LzAiGy3wQS5lOhQS2uWsHeiIY_SSW2OUB0_oP1MWZ-X903mmr_JwL70_ad-J9FGXbC7bE1ANfEwMVHzrBVLoSgRv6Gloh-ltGktE-CwVJNfPRaPmlUZfeVz4gailOXWZZMUTCG1P1FP-tIES5IDg8eGoiWBuTeCQG3lN8SHO_Ya4VbtBdfyhuT2LWYEboJxd5sIzr_3ZEE0Kn5rhpbhMNjc9ZSRwcS91w7so62InZ-2hM3FqbCKYMefPJDrU9DfGRKTDKJECvVvpr0utJUTWlGvWlqdkd3yFjdrmREWa_dN6aKl4bTokSuskb33JZ2cJHJ9QO5IBrjy4dhQsUpFt6xJjm_uvM5fQE31IGfIi9Qa6FuwXO3PYVouzcWZTZVmbdFh9I78V54AHVGcW4bdMkMv3fGHabjGhjQfjTA6DB5GbktqzP3mRKXf96XKKwnQGY7N9IkSOVFX48iC7im8OyfUOjuFkZV7AZlPZmQ-imsmrMJqiKMLM3PVLd0CWisaDIKDWEfG8C_e2fAk1HUm63Jt5inrLcyFF0MMbslrHHE1QXYhM8Iyd3hyT3v74v9e02ZrGZZ3pttKYLMK_MbotK8y6tgcJ4aPbyTAZ9KPjpQK-TUDTgWKjkuwPk9meuqU_epvz7Dd6ryvUnWiniwuT2_Bu7pcJj9WDxd7XG5wZ0NRd7Tt8U9_NKbvPz-uvfJyujGZnj5uuWrOUDGhxuJcW6SpxgYozbkeypyF2xyf5bWGuAtHw3njvSDRuT6FMDFGJw2d4xZSwLirP4jcVnyLkriaRAiH2V0jJLnJ_tIJweZB8dyklInHdlAr7LbPNMLTBVytZ954YS3w9-xT7EaMj7XalcsAHweQ9KXd1d9qqgqBtAy2867IcMtZ5PrWYEQ2EKjPSQJt5tyhBT80BieWOUEphtSljng0J0EfT1lMZ8f4Fh_YlKUtLTgWw71hBSfVRmOg3QHhR1FBDjcHqr8VOomy8saWhcaLy6y9YMCALWG5dwMD8u9dVxBUhqzGTtL_U84SY-cmnUtafbDVNf1O-zxXwUmOGC_HivnBP-AR8A0vB6YIoAwxbEXEoSy6i3P-ULyatPGHUlDdmjnB9nhYHmUxtr2248wJ5aWvr3SW4AVNIUcLwhq7M4dAvjTGcBWk8cnEaT-S8PNxY95IVO5D2TTcGQpzTIqKF6tNXv4693c_tx03RxNh53EPB1EMipzjYExYM4IHeWhJpl_2G4bXngmd11VkjRJ4qtxdbHO7Ne364_ct_YthaJYn317i-iNmvIjGDf9hYJZ6dI9PNY0NRjaDCpxrBLDedG4-K3rjoxSZfEueoasJCiGkPdGs_Zx3BTAdJbxFx13vUbR7NFbfLBEzC8ros9a1Q6xK5pxv3KamT4JBJKhm-gYKKLZy8rv8SlpBHvfcrPFAcxjoiNJwrlk4ziI1JzFj8gFSv1J2JF2KUU8OFTVliWc2afc1-KB70hBxFz_57EXqd4wSrHK6KzpV52FRJVRtvWPxSDGkvNGu1nPIRJdUUWPRNNCAdTYUamTwu7EVCCCBs-9b5yntr4Nz-Uy0hcPebH3VePjGXe85vzBKIXe3NGN5pn91gtRSWDlYpnda8pG4TLIirevbozraWqbUD3J1BGIvmN1_9dHQEwzUKYywMtdUT5JxzPk-xqq4jakASXXzjunqTvKWJblWlBCpRFc8wb1PyeVakgrQ-wdxk0_Q7Llyd8YpadZwKwrdhKuJo5XYnpnyDcjlaMVMvUSYhbsw2L7QyQjjBSVObQvXixX3zq-La_0dbRK5w-cRDuAZBGzaFNd9gC11jCjd_Ef9_NPuKFBGg5knAv640_1yBpvnKnw8yjAty_isSbJ00kgSQdaP-Kswd8RBp7XGtZiHvhuXVeABOpJSBfDM7jyeayHgN8Dq00&cid=CAQSTgDICaaNn_Lsnu2IA7B-tuH_46DC8P9bhxVI-PlBzrHI0nsckEr4RNaVUDbtqQRwaW0068lGbue3j455xTAmpMFz3kAQAI_X_dfAQnv3_BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpt.jojoy.io%2F&ds=l&xdt=1&iif=1&cor=743111323498223200&adk=2228999115&idt=170&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 04:49:49 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 406A 41 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:17:22 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTA4NzE3MzA5MDEzMAogIHNlcnZlcl9pcDogMTc1ODc0MzE0CiAgcHJvY2Vzc19pZDogMjYzNDgxNjE4Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MzI2NDY1...
ad.doubleclick.net/ddm/activity/ Frame 406A 0
850 B 79ms
44ms Image
image/png 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTA4NzE3MzA5MDEzMAogIHNlcnZlcl9pcDogMTc1ODc0MzE0CiAgcHJvY2Vzc19pZDogMjYzNDgxNjE4Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MzI2NDY1CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hY2VyLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAzNTY0MDA1MzQ1MTMzNjk2MjQ0CmRlYnVnX2tleTogNzY5MjYwNDIyNDIwNTE2MTg0NAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMjciCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5MzI2NDY1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjc5MDkzNDc1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MzA1MjQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDI4NzIxMjk3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjY4Nzc3Njk4CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FjZXIuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vc29mdHdhcmVodW50ZXIuZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9saXplbnNpby5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x20948913ef9051bc0000000000000000","13":"0xc4ed38aaef55765c0000000000000000","14":"0xb9378ac99604ff390000000000000000","15":"0x46cbfb6120770b520000000000000000"},"debug_key":"7692604224205161844","debug_reporting":true,"destination":"https://acer.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["9326465"]},"priority":"0","source_event_id":"3564005345133696244"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 406A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a214dfaa2f19ec724170856ad6df2576600b10e7e5633f6c1484781e19cb4a8c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 r62eglto.js
ad4m.at/ Frame 406A 25 KB
10 KB 20ms
20ms Other
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19895
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJht2EEklDgEf773Bg3wWq5romS%2Fo7LNhT1bHXJwqSUIBN7nyMKM%2BjMBdTif6k0dlUJ%2FAOZC4GAh8iQYdx%2B74oyu4hea6%2FEI4p0NiXzhpY4DzAGlsUrlyYnoV4sQVf2%2FZ7mYY2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 82ca483058561c9d-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 Nov 2023 06:41:18 GMT

GET
H2 200 frame.html Show response
ad4m.at/ Frame 9342 2 KB
1 KB 23ms
23ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1834298
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 82ca4830585f1c9d-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 27 Nov 2023 12:12:53 GMT
expires: Mon, 06 Nov 2023 07:07:05 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHD3RiLW1FLlHKEKLFOVtsKK9NC0atzIJ6ST18ElWv6nq5uKoRunyfaCBpR9J2BMUWHVH1pYdpd9246YHD1CGVdnybGfAqFIeZuBvfh7ElNG3yHvFpIwT%2BtJCZQ7CFdjBy6KgkA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame ECB0 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 158082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:11 GMT
expires: Sun, 24 Nov 2024 16:18:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame ECB0 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 09:10:14 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 406A 2 KB
2 KB 31ms
30ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e74d93756c675c8c2a65e74ba3a04b8b77bb0854ab5611f17ee4457784257cae

Request headers

Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aieAG7amh3PuNjyJevbtbjlEc9MwqqYcFUQeJOZ5gBLX5%2FnuUzV7DuXKSmso0xyV8E8z8Niz5eIPp9VlpAHXTepBbOpQoXVniII0cPkr7FD3YjcD4a%2FjUUBQVsZ6c7ZjvTwYPQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
access-control-allow-credentials: true
cf-ray: 82ca483118611e51-FRA
x-backend-server: aa-reachservice-group-europe-west1-jgqc
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 43ms
34ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82ca4830d8291e51-FRA
content-length: 24
content-type: text/plain
date: Mon, 27 Nov 2023 12:12:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0bj%2Fi3T1OZfMjt1BqJji%2F9dvhT4nk7mK2%2BgPXTg8s4PBLdAHNrLIocPNqTHH1px%2FnOLv8jPfAACjMFZiz1qoJNMVsdhhkbjJYJypwgO7JimGux5NhhlHuTxAYk3SGosSw7XA4Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-jgqc

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ECB0 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcETxxYdkZZLABYrC7gO3tbDoCQAAAAA4AeAEAg&bg=!Hh2lHVLNAAZxrfrxUa07ADQBe5WfOJ8WdD5_UPuQfIB1KxmUKsG7QplzpwLy8cj_4Jl_4lG6QVMVZAkvwLARgDjQj39pAgAAAD5SAAAAAWgBBwoAG4ZjTBw5zWh2kPbxE6GGNo5Ip7D8Ten7uFbz05kC-wq4ODU99-yV4f3Ac5MrGdHGi3p7IFTzibZDPSPXeSQE05ScnUAeCtKuIupEh4dkt6Nwfme89HrtHlFoTtofUoyJWoaD5dAjIQbJgFj0y9Eg3OdSxLwFYCs24fCCnB6E9h4-xi8jWxWhDYd1xwfn6ITD6Q_x4SYqZlwJEoP98r_39_4heD5_s_3OotK-2xwepsa1Sg41gjCQg_1Ckb5fbJUDTSCsGJUNGv1iACLiAx4d4Pjw8_AIK02Nj5FRLRzEDOdSFyo_b_1_sGtKI5KDpJ8ykL-jGq4tGq5tEXLVUx9mSQjJ4yZ-iteA4poUCp3d5uApjiOov02L6o-NiVEoGVIOup3IqZPvlzNJLJ_FQeU9P7d-Di-WLliptLBsNlt7Z2tXfS7nZhb7-imxSMV90E0EJiU2mvvO2sunYnn_smWuT0wDw1FQ-nC6zV7roHD5aaFnruvcgF5D60mLPZwjh3DEu7UCmpotlwF8Ljt8z72ibrDUqV7XNBiCtE5n9vjQhylU552ZwrTB8BsSQlJkrN7P0Op6IznZgUgKvjesgMEM67eqhb0g07nkoPeD_PYbxh885UXRy91E35MwGHKj-jaidmYInqK4v2wharhpyF_Fi2t8C2tRnxMwUc_l3n4e92ZwNkixsYOHeXrZz_RDSIbpVvuxyL5cJ_p15KwZso4klPim4-dF5o8H6BHkF-W9LOwKj9GNMzmt8hGL8KsjtUN5OCVL2f-1MJFRdUIQTAE0UpciizDanxIgIeaH_Evmd_mr0ZK_OHB_-hOWcrxV6-csU-PEum3YjO3ubojFGzP7n0igrSTIniRcZAup7OtJvMVWYRucKZkI4czd-XYjcekAvRMa2e0LxQWx9o658jcAY-M_Ee88pQ5OMYp14OjclRm9tZj3QTJn5EoHq4HzbM143SH-atLc180oPq5sIEZ9D00QRSsbizZtD4hGxhgZM6hmTK1V3Fia95_Sayn7H_CRUA6DCgz9VCMOWIvecqeQDnAHk7ltDJmlU4g

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C58A 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.jojoy.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:12:52 GMT
expires: Tue, 26 Nov 2024 12:12:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 74E5 3 KB
3 KB 35ms
35ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=36039&b=xEgtQfEK78Sm8rcPHWtrHQt3WXtJT6TM2uA&f=YxqtrfzXWdsQKWtVH8t3HgC1e2TAT1TXqar&c=320&d=50&e=&g=9fa3d957b6dd57bd688dc4e4f38ee74a%2F16842225229900069245&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1701087173282&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCOY8FxIdkZb3LHeqB1fAP3t2QmAKw7MyzdI6TrvOVDPAuEAEg_7zILGCV4pCCoAegAdyokOUCyAEJqQIHxDQrk1qyPqgDAcgDmwSqBPIBT9AnnSjt06NT0zqEezTJB1jyZaBAQZQ1BsQSfCZWPVrf3ZYOLc3PqWJ3eeLOo_adABdZsHVdj9lBRS1biEItc3jo9UegKHwd-4mqK5EdRzA5kQ0SP5v9ZYtI1ZrV4rtxGVqUh_Gmo6AI8y4bJEAA-GLD3pnQ7uvaJlyNBT-MiRLGqyZROB2FrX48Apfx3jgTxawJKyJxkk4uim9Uf3y1kpBx_sSX2xhhs19OUbpVUp65-ocZdDbbtqjO8QXvuOYwyncms5oTbdM0bpt85JQxsTpICz9940jIBmV3ulGpJQQHn-iyQqlegzbPzuHtx0i2NIvABOr-mfamAuAEA4gF4v2k2AeQBgGgBk2AB4zX75oBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREXiDRMIkLuWxZPkggMV6kAVCB3eLgQjsBOjwPcU0BMA2BMK2BQB0BUB-BYBgBcB6BcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgDICaaNn_Lsnu2IA7B-tuH_46DC8P9bhxVI-PlBzrHI0nsckEr4RNaVUDbtqQRwaW0068lGbue3j455xTAmpMFz3kAQAI_X_dfAQnv3_BgB%2526sig%253DAOD64_2JZPx5L6IvFdkKlHbxkGQvPiNF1Q%2526client%253Dca-pub-1318661272776558%2526dbm_c%253DAKAmf-AJtUn2Ci5UC8uZhBM_xEQerjsN4CytwzJVRNxqLHVZFsy3JVosCJ3LVrlZyFgcgBgs5mWv0EbGS5cF9BWei1hR4qNBPN-3zqSRQGiC5rYohUhoelW30YePR5g1OMBsqx9BaTb4FWij0SW1A59wZQ-5t8R-XX-9xpDi_HhYD0UAXHA2LjQ%2526cry%253D1%2526dbm_d%253DAKAmf-B2k6EF1cx9HEUhk3yTHaAUtUj5gMLFindT-Xe5TrE0WXMKZk2SPB-H1OUGvKIAS5IoDUMpG4Q4SxqjN-ido-Xww2eVqoenoK8SGJ9CjuI3fMeMKiepD6qkyZkBRqFAOZD7Z7rWN2uA05oJirp7NVApwMKf7o93HIc_UqqnDzIdg9p9_V1sZcDjABb7Q2kC3i_lAU0OH2g074zMPvWo1SAsN0WyaXUiXbUTYI1qrXmUX38hezu1l51j3si_1ikwXNDkat4B3X6ksJ4Ij8wtWv3Mu4Z_VZVGc2LtU8bsjWQYgqK-hUxsFsLP44UBZQzE5NTxpNAcXm8lHC8feSFB42kj5Ac61Y4zmS4-N5Bbnk-6AuGoS-VWBwSNO3BqxDbttp6e71pUkNHKuRrg9cd5QBZ_W-3gcw2kwAGAbTdzLEQ3ilTmgQ7rE7niMhTwZAtaDE3EmOWbbfrA5azUonM3MwIbGYpahzGAFHJse1dtgkwBGXC-a87VoXO7fqkC-pUaG7yYI_oipHhXoc2y_RjlEsGlDJMQC-QuG5-q979Q45jl_jmYVF8%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9d9ea33bdad8831a86723c1ba70dec24d841784792b54bb484878dd4b811e2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82ca483159731c9d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:12:53 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1F5B 624 B
245 B 48ms
48ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-JahC708UBGK6v7PsBMAE&v=APEucNUgj4aZvOL26OvSVG0Hg3Fp8JlnV2xZacsfNtjuitMARcCbU3Wv_-CBNWZxghCJVAWYGUOghZfPyGJQcOgWWZpCk02eC58aD9vnVCUeIdanzb94IJ9bvHjO4Dr6Sdr5vevGDALIQ_XyjO_zdFEcGS3K4SUJxrGUoZvBPk3Ie3pYbBXinRs

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:12:53 GMT
expires: Mon, 27 Nov 2023 12:12:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C58A 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 15:58:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 15:58:47 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame C58A 7 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 14:44:44 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame C58A 0
0 56ms
54ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsudX0Hpfj1TwiYpp5CA-HHuAAsdCCzpZosi-I4diNpR-VwXIBY-l_KWUOdI-ILgpy_KUtExv4nK5CJ1W7DFspDE8tQgHksmI8MpMDlcm7tOqt2EO46X60NfzsQ21QzGpsOi9OE5CEdlOS1vTtKnbyKaJfVkb55xL_5zjzQ9vLkWtrFpozRIEJyx7juMy-5voB3h7igo_20NrP7tkPNygU-_jgjxU1XzuvY_oiDJVc5vsMvt2ArTWE8qStlkL4nnRB7GBm5WiolincM7jpfxHDs-iAGOH-Eq0VHcslScvc8548-R5sQI2kXc4tGO2_b_03HoJav8PdHvK4Hq3PXNQJZZT3gqd3tLPmSNxz82tl4TG94rixHNAv7BSPkm5tCuSC9nzjyF0wfhzbG65Izif-2J8Q9ErgBfGOPhpq6ZeU1DKCiOIvHtDfN1kY0gpNHmIkUWojIygfQ831tGnAjI1XoVLia3kLXzhJFNzmK2DuWMbSwnheBGpkYaRhdWs4_iC7zixna40R_HEC_T9AYNFATqnR_AtO9lteoJYtooro9xzNCSFzL81hRQbSKTstV4HCBMLYfJgMzmDZvTeM2YdhKVLcF9UmmYLlEd_oPHmJW5SQagfMN6d_ljDyG1yrp94GOpZm7V0eWv-ONVn04HK6AvftdC5kRQbLrcO9EzHBR4bf9RVXDMu6Atf4ZvACOfyDSquLW3dxLOd0Sup_-y-tasdkZLNc2H9YT8XGDXAcflg89KflmpAWnPmc_cYfdEtz1dAtJ4Q34b9xGIsPfIKwjmIKzsFEAkzk9k1RS-AA0ewve9OoRDFRJlpQRDV9UwnLrbtEniXYQOts_eXD_aSxrRlz2IRNxKpAAcwNPZUqa-tWRetF8RpFNBe-TyrUsW_jcMky9GS0ykBxluzO-Cxeagery0Gs6LArRYR4y4WiYF_-e3DQAJHqTYIvR_cy1ayCp317bz4ybAttFUp00Ici2Nea9xGnreCbgi4xFrtVznZmDHoLlHZYJqvl1ZQTOU6p-bN6NpIjRJ5HQTglV0JZ0PIp5RdcmVcvKwrjlcj-2jKn0km2MJ8ZQe2sXBVdamZbE8IcAXEekM9t8WCQ-xG08UpSjQ-YM6EEKhJeofg_Wl2tWGBIty92videsLHgz7bCKDQHia2Z9VQrl91eUhbGSNLcCsl1jEgDYUpxm74m_uEvOyZ6kPODcT778iWDiCG265A28CaAUs4hwxDYEGFd7epN-UzLfaf0QhYSbjRJpNKsF1Yrjix0CcLH6lvezRfX6miuRCnxSECi9A6G3TYUNgoeNFlTWTn3irrLiBh4QUwovH8EX5G7jjNBE2qT2vz-_lU3eVXLd3qQ&sai=AMfl-YQyFi3HabIC5IXX8bJsQDgwkmCSX6aTlqMmTBdT8Do-L4yXMbIKvM380v3dXDwjvPkznlhJT9Ra8JThQxKbNfqUt4cHp_BIg4Qyfb3jUqUK4hlySyEG2EP5ETnWFClJVqWcCmwKZyaA5UauQ9g1W4vXl673IXKH4UHh0AkrKJAVDvf39hC_8daF4JeZuxNEiuWrneQsM-8VhgeWu9FEz4QO7I75HJ1clFJTq1mOJZB_5GK0RLP6NWOLwKBaTJzgENABmXjndRwGjt0Btpf7qWodKnTE2vOnAkl64yImSv33GLZQN-draPKCObrvCu2QO0x8A2Bymcust5jNm2umNgeaY0F56WOZkvejNIlF6WwvE0uKwEEJ9HkuNfialBkq5gmSFHosRU_Nlkxc6z5uIuioMwnL6Tg7Pq4qn6CsLmaNCvGSSwD0VOPfVPS7Chyw0AOpd7jIyz18uHgmTQuc2qPSF277QbO2EiqFgvWMSGfsSyb0Tjutuxu7KcGczpV8ZNReUQ&sig=Cg0ArKJSzKLLE8Ups8e6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly95aWVsZG9wdGltaXplci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20231109.43022&arae=0&ftch=1&adurl=

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Nov 2023 12:12:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C58A 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:17:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C58A 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 09:52:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C58A 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C58A 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFZoTnj-wppotOSkHO-rBJVlZm1HNSRjif7vzDl-Z_BJe9YXC_koiwMMZqkE0G7L9mTqM3qjZESA4EsFMoaHeYQ4upL9aKXOGexcJISk6kD2hPhZc

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 it
ag.yieldoptimizer.com/ag/ Frame C58A 43 B
477 B 44ms
15ms Image
image/gif 130.211.12.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.yieldoptimizer.com/ag/it?ac=88183575&n=9&cb=1701087172838929
Requested by: Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.12.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.12.211.130.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C58A 202 KB
64 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:12:53 GMT

GET
H2 200 4402921570838892850
s0.2mdn.net/simgad/ Frame C58A 103 KB
104 KB 30ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4402921570838892850

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34f96019936e8b0ada1c2bf106cc90136fa264fc24c5855d2da5454134029ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 19:53:24 GMT
x-content-type-options: nosniff
age: 145169
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105585
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 09:27:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Nov 2024 19:53:24 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B6C1 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 158082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:11 GMT
expires: Sun, 24 Nov 2024 16:18:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 74E5 115 KB
14 KB 25ms
25ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=36039&b=xEgtQfEK78Sm8rcPHWtrHQt3WXtJT6TM2uA&f=YxqtrfzXWdsQKWtVH8t3HgC1e2TAT1TXqar&c=320&d=50&e=&g=9fa3d957b6dd57bd688dc4e4f38ee74a%2F16842225229900069245&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1701087173282&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCOY8FxIdkZb3LHeqB1fAP3t2QmAKw7MyzdI6TrvOVDPAuEAEg_7zILGCV4pCCoAegAdyokOUCyAEJqQIHxDQrk1qyPqgDAcgDmwSqBPIBT9AnnSjt06NT0zqEezTJB1jyZaBAQZQ1BsQSfCZWPVrf3ZYOLc3PqWJ3eeLOo_adABdZsHVdj9lBRS1biEItc3jo9UegKHwd-4mqK5EdRzA5kQ0SP5v9ZYtI1ZrV4rtxGVqUh_Gmo6AI8y4bJEAA-GLD3pnQ7uvaJlyNBT-MiRLGqyZROB2FrX48Apfx3jgTxawJKyJxkk4uim9Uf3y1kpBx_sSX2xhhs19OUbpVUp65-ocZdDbbtqjO8QXvuOYwyncms5oTbdM0bpt85JQxsTpICz9940jIBmV3ulGpJQQHn-iyQqlegzbPzuHtx0i2NIvABOr-mfamAuAEA4gF4v2k2AeQBgGgBk2AB4zX75oBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREXiDRMIkLuWxZPkggMV6kAVCB3eLgQjsBOjwPcU0BMA2BMK2BQB0BUB-BYBgBcB6BcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgDICaaNn_Lsnu2IA7B-tuH_46DC8P9bhxVI-PlBzrHI0nsckEr4RNaVUDbtqQRwaW0068lGbue3j455xTAmpMFz3kAQAI_X_dfAQnv3_BgB%2526sig%253DAOD64_2JZPx5L6IvFdkKlHbxkGQvPiNF1Q%2526client%253Dca-pub-1318661272776558%2526dbm_c%253DAKAmf-AJtUn2Ci5UC8uZhBM_xEQerjsN4CytwzJVRNxqLHVZFsy3JVosCJ3LVrlZyFgcgBgs5mWv0EbGS5cF9BWei1hR4qNBPN-3zqSRQGiC5rYohUhoelW30YePR5g1OMBsqx9BaTb4FWij0SW1A59wZQ-5t8R-XX-9xpDi_HhYD0UAXHA2LjQ%2526cry%253D1%2526dbm_d%253DAKAmf-B2k6EF1cx9HEUhk3yTHaAUtUj5gMLFindT-Xe5TrE0WXMKZk2SPB-H1OUGvKIAS5IoDUMpG4Q4SxqjN-ido-Xww2eVqoenoK8SGJ9CjuI3fMeMKiepD6qkyZkBRqFAOZD7Z7rWN2uA05oJirp7NVApwMKf7o93HIc_UqqnDzIdg9p9_V1sZcDjABb7Q2kC3i_lAU0OH2g074zMPvWo1SAsN0WyaXUiXbUTYI1qrXmUX38hezu1l51j3si_1ikwXNDkat4B3X6ksJ4Ij8wtWv3Mu4Z_VZVGc2LtU8bsjWQYgqK-hUxsFsLP44UBZQzE5NTxpNAcXm8lHC8feSFB42kj5Ac61Y4zmS4-N5Bbnk-6AuGoS-VWBwSNO3BqxDbttp6e71pUkNHKuRrg9cd5QBZ_W-3gcw2kwAGAbTdzLEQ3ilTmgQ7rE7niMhTwZAtaDE3EmOWbbfrA5azUonM3MwIbGYpahzGAFHJse1dtgkwBGXC-a87VoXO7fqkC-pUaG7yYI_oipHhXoc2y_RjlEsGlDJMQC-QuG5-q979Q45jl_jmYVF8%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=36039&b=xEgtQfEK78Sm8rcPHWtrHQt3WXtJT6TM2uA&f=YxqtrfzXWdsQKWtVH8t3HgC1e2TAT1TXqar&c=320&d=50&e=&g=9fa3d957b6dd57bd688dc4e4f38ee74a%2F16842225229900069245&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1701087173282&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCOY8FxIdkZb3LHeqB1fAP3t2QmAKw7MyzdI6TrvOVDPAuEAEg_7zILGCV4pCCoAegAdyokOUCyAEJqQIHxDQrk1qyPqgDAcgDmwSqBPIBT9AnnSjt06NT0zqEezTJB1jyZaBAQZQ1BsQSfCZWPVrf3ZYOLc3PqWJ3eeLOo_adABdZsHVdj9lBRS1biEItc3jo9UegKHwd-4mqK5EdRzA5kQ0SP5v9ZYtI1ZrV4rtxGVqUh_Gmo6AI8y4bJEAA-GLD3pnQ7uvaJlyNBT-MiRLGqyZROB2FrX48Apfx3jgTxawJKyJxkk4uim9Uf3y1kpBx_sSX2xhhs19OUbpVUp65-ocZdDbbtqjO8QXvuOYwyncms5oTbdM0bpt85JQxsTpICz9940jIBmV3ulGpJQQHn-iyQqlegzbPzuHtx0i2NIvABOr-mfamAuAEA4gF4v2k2AeQBgGgBk2AB4zX75oBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREXiDRMIkLuWxZPkggMV6kAVCB3eLgQjsBOjwPcU0BMA2BMK2BQB0BUB-BYBgBcB6BcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgDICaaNn_Lsnu2IA7B-tuH_46DC8P9bhxVI-PlBzrHI0nsckEr4RNaVUDbtqQRwaW0068lGbue3j455xTAmpMFz3kAQAI_X_dfAQnv3_BgB%2526sig%253DAOD64_2JZPx5L6IvFdkKlHbxkGQvPiNF1Q%2526client%253Dca-pub-1318661272776558%2526dbm_c%253DAKAmf-AJtUn2Ci5UC8uZhBM_xEQerjsN4CytwzJVRNxqLHVZFsy3JVosCJ3LVrlZyFgcgBgs5mWv0EbGS5cF9BWei1hR4qNBPN-3zqSRQGiC5rYohUhoelW30YePR5g1OMBsqx9BaTb4FWij0SW1A59wZQ-5t8R-XX-9xpDi_HhYD0UAXHA2LjQ%2526cry%253D1%2526dbm_d%253DAKAmf-B2k6EF1cx9HEUhk3yTHaAUtUj5gMLFindT-Xe5TrE0WXMKZk2SPB-H1OUGvKIAS5IoDUMpG4Q4SxqjN-ido-Xww2eVqoenoK8SGJ9CjuI3fMeMKiepD6qkyZkBRqFAOZD7Z7rWN2uA05oJirp7NVApwMKf7o93HIc_UqqnDzIdg9p9_V1sZcDjABb7Q2kC3i_lAU0OH2g074zMPvWo1SAsN0WyaXUiXbUTYI1qrXmUX38hezu1l51j3si_1ikwXNDkat4B3X6ksJ4Ij8wtWv3Mu4Z_VZVGc2LtU8bsjWQYgqK-hUxsFsLP44UBZQzE5NTxpNAcXm8lHC8feSFB42kj5Ac61Y4zmS4-N5Bbnk-6AuGoS-VWBwSNO3BqxDbttp6e71pUkNHKuRrg9cd5QBZ_W-3gcw2kwAGAbTdzLEQ3ilTmgQ7rE7niMhTwZAtaDE3EmOWbbfrA5azUonM3MwIbGYpahzGAFHJse1dtgkwBGXC-a87VoXO7fqkC-pUaG7yYI_oipHhXoc2y_RjlEsGlDJMQC-QuG5-q979Q45jl_jmYVF8%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1834298
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VzB2FwjN5YfqSf4ip0uCcmgSYayw9IYvIc3HZ3cqBCZMO3U3il3xmlr8cZVyBfQQJWXi%2B08KagzEsvPVo5nEnniVpD8MnzKNumB8qKZacsAX%2F%2BGU9AygLjwfAETxevmD6ExsszuFyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82ca48318aeb906c-FRA
expires: Tue, 28 Nov 2023 12:12:53 GMT

GET
H2 200 66CEDD6D55F7A1D0B522AEF6E50AEC117C387EA3B3A03D7292BE077FE545E004F9D27FBF932E19705466557A3EAF48D15F5F3D90B5F080A13569B1F7A5A4732C
assets.ad4m.at/ Frame 74E5 15 KB
15 KB 36ms
36ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/66CEDD6D55F7A1D0B522AEF6E50AEC117C387EA3B3A03D7292BE077FE545E004F9D27FBF932E19705466557A3EAF48D15F5F3D90B5F080A13569B1F7A5A4732C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=36039&b=xEgtQfEK78Sm8rcPHWtrHQt3WXtJT6TM2uA&f=YxqtrfzXWdsQKWtVH8t3HgC1e2TAT1TXqar&c=320&d=50&e=&g=9fa3d957b6dd57bd688dc4e4f38ee74a%2F16842225229900069245&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1701087173282&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCOY8FxIdkZb3LHeqB1fAP3t2QmAKw7MyzdI6TrvOVDPAuEAEg_7zILGCV4pCCoAegAdyokOUCyAEJqQIHxDQrk1qyPqgDAcgDmwSqBPIBT9AnnSjt06NT0zqEezTJB1jyZaBAQZQ1BsQSfCZWPVrf3ZYOLc3PqWJ3eeLOo_adABdZsHVdj9lBRS1biEItc3jo9UegKHwd-4mqK5EdRzA5kQ0SP5v9ZYtI1ZrV4rtxGVqUh_Gmo6AI8y4bJEAA-GLD3pnQ7uvaJlyNBT-MiRLGqyZROB2FrX48Apfx3jgTxawJKyJxkk4uim9Uf3y1kpBx_sSX2xhhs19OUbpVUp65-ocZdDbbtqjO8QXvuOYwyncms5oTbdM0bpt85JQxsTpICz9940jIBmV3ulGpJQQHn-iyQqlegzbPzuHtx0i2NIvABOr-mfamAuAEA4gF4v2k2AeQBgGgBk2AB4zX75oBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREXiDRMIkLuWxZPkggMV6kAVCB3eLgQjsBOjwPcU0BMA2BMK2BQB0BUB-BYBgBcB6BcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgDICaaNn_Lsnu2IA7B-tuH_46DC8P9bhxVI-PlBzrHI0nsckEr4RNaVUDbtqQRwaW0068lGbue3j455xTAmpMFz3kAQAI_X_dfAQnv3_BgB%2526sig%253DAOD64_2JZPx5L6IvFdkKlHbxkGQvPiNF1Q%2526client%253Dca-pub-1318661272776558%2526dbm_c%253DAKAmf-AJtUn2Ci5UC8uZhBM_xEQerjsN4CytwzJVRNxqLHVZFsy3JVosCJ3LVrlZyFgcgBgs5mWv0EbGS5cF9BWei1hR4qNBPN-3zqSRQGiC5rYohUhoelW30YePR5g1OMBsqx9BaTb4FWij0SW1A59wZQ-5t8R-XX-9xpDi_HhYD0UAXHA2LjQ%2526cry%253D1%2526dbm_d%253DAKAmf-B2k6EF1cx9HEUhk3yTHaAUtUj5gMLFindT-Xe5TrE0WXMKZk2SPB-H1OUGvKIAS5IoDUMpG4Q4SxqjN-ido-Xww2eVqoenoK8SGJ9CjuI3fMeMKiepD6qkyZkBRqFAOZD7Z7rWN2uA05oJirp7NVApwMKf7o93HIc_UqqnDzIdg9p9_V1sZcDjABb7Q2kC3i_lAU0OH2g074zMPvWo1SAsN0WyaXUiXbUTYI1qrXmUX38hezu1l51j3si_1ikwXNDkat4B3X6ksJ4Ij8wtWv3Mu4Z_VZVGc2LtU8bsjWQYgqK-hUxsFsLP44UBZQzE5NTxpNAcXm8lHC8feSFB42kj5Ac61Y4zmS4-N5Bbnk-6AuGoS-VWBwSNO3BqxDbttp6e71pUkNHKuRrg9cd5QBZ_W-3gcw2kwAGAbTdzLEQ3ilTmgQ7rE7niMhTwZAtaDE3EmOWbbfrA5azUonM3MwIbGYpahzGAFHJse1dtgkwBGXC-a87VoXO7fqkC-pUaG7yYI_oipHhXoc2y_RjlEsGlDJMQC-QuG5-q979Q45jl_jmYVF8%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e28f2dd1e46699a744ddae119d0b6beeb1d2ff4058c582ae843077cece5fff60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8210
cf-polished: origFmt=gif, origSize=30738
alt-svc: h3=":443"; ma=86400
content-length: 14986
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Nov 2023 09:55:51 GMT
server: cloudflare
etag: "d0ca4a4ad1fdc6eb313f2cf2848fb47e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANa6N0NkQPqZdcQokvDsCgoB26Kv%2BnIDSd8eacHvnRfW4nu0b8U3IQS6YpxW%2BALZ%2FAcWleEFez3y8MRsWzGTOTUBnfoz2PD2lTzhO%2F%2Bbxa0VoABUQqIEOnZdTbOu8%2BjEmhJ45cbMGWaQBiSD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca483189cc1c9d-FRA

GET
DATA 200
OK truncated
/ Frame C58A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f05aeaddc044eee89df5eeb59e1d08ff94de876562d68a2ed29ea09ab4efcaa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D39 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.jojoy.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:12:52 GMT
expires: Tue, 26 Nov 2024 12:12:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B6C1 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 09:10:14 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1F5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1

43 B
735 B

25ms
24ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-JahC708UBGK6v7PsBMAE&v=APEucNUgj4aZvOL26OvSVG0Hg3Fp8JlnV2xZacsfNtjuitMARcCbU3Wv_-CBNWZxghCJVAWYGUOghZfPyGJQcOgWWZpCk02eC58aD9vnVCUeIdanzb94IJ9bvHjO4Dr6Sdr5vevGDALIQ_XyjO_zdFEcGS3K4SUJxrGUoZvBPk3Ie3pYbBXinRs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FhdSqQqTjVyl6g2SCkwPf%2FInYsMvoAVKZOefVRSaJ5pS1RZloZEe%2FByEz4piB2M2Zj%2FoP687tP1VvvzFAzU3LDLMfZPjMvpUR2UdE8MPcRpF4yXbidWiKqTVh0W59re6nXPA2LiQBtNjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82ca4831dec52c52-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1F5B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWSHxMDfMnaaz6aw9FJwbQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1

43 B
733 B

22ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-JahC708UBGK6v7PsBMAE&v=APEucNUgj4aZvOL26OvSVG0Hg3Fp8JlnV2xZacsfNtjuitMARcCbU3Wv_-CBNWZxghCJVAWYGUOghZfPyGJQcOgWWZpCk02eC58aD9vnVCUeIdanzb94IJ9bvHjO4Dr6Sdr5vevGDALIQ_XyjO_zdFEcGS3K4SUJxrGUoZvBPk3Ie3pYbBXinRs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JitGizFMn4NHfp238bKJ12dhSX4vT3N9q%2BYOjXadMP5TeAkkGrPdDbc%2FE6IgVLJgYr8in5Vfvmf6sT833UHyZn%2FIszm%2FcyiqxdU60lnOQzVCxosTrNMUTbsXq5s6XPVhBwAMVY0ncet6tw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82ca48321f262c52-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKFyzaUwPG-W7CSo1wRsAgc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 1F5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOt3qLdcquG-4Mi6KX1r9F8&google_cver=1

43 B
847 B

14ms
14ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOt3qLdcquG-4Mi6KX1r9F8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-JahC708UBGK6v7PsBMAE&v=APEucNUgj4aZvOL26OvSVG0Hg3Fp8JlnV2xZacsfNtjuitMARcCbU3Wv_-CBNWZxghCJVAWYGUOghZfPyGJQcOgWWZpCk02eC58aD9vnVCUeIdanzb94IJ9bvHjO4Dr6Sdr5vevGDALIQ_XyjO_zdFEcGS3K4SUJxrGUoZvBPk3Ie3pYbBXinRs

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
an-x-request-uuid: 4cf0656f-5af3-4f96-bbbb-073a88234d5f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOt3qLdcquG-4Mi6KX1r9F8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F5B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQzNjAxNDA1NjkzOTA1ODM3Mw%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQzNjAxNDA1NjkzOTA1ODM3Mw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
an-x-request-uuid: a81ee2a9-7797-47a9-ab42-76cc94570e62
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQzNjAxNDA1NjkzOTA1ODM3Mw%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 0D39 4 KB
1 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 12:11:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 12:12:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 22A8 14 KB
1 KB 33ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 11:15:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 12:12:53 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 22A8 2 KB
822 B 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 22A8 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5D0E 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 11:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 22A8 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 09:52:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 22A8 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22A8 202 KB
64 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:12:53 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 22A8 37 KB
16 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 10:09:15 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 0D39 21 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0D39 205 B
520 B 28ms
9ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:42:07 GMT
x-content-type-options: nosniff
age: 534646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 20 Nov 2024 07:42:07 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0D39 604 B
695 B 29ms
10ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 12:20:23 GMT
x-content-type-options: nosniff
age: 85950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 25 Nov 2024 12:20:23 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C58A 0
0 44ms
44ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsudX0Hpfj1TwiYpp5CA-HHuAAsdCCzpZosi-I4diNpR-VwXIBY-l_KWUOdI-ILgpy_KUtExv4nK5CJ1W7DFspDE8tQgHksmI8MpMDlcm7tOqt2EO46X60NfzsQ21QzGpsOi9OE5CEdlOS1vTtKnbyKaJfVkb55xL_5zjzQ9vLkWtrFpozRIEJyx7juMy-5voB3h7igo_20NrP7tkPNygU-_jgjxU1XzuvY_oiDJVc5vsMvt2ArTWE8qStlkL4nnRB7GBm5WiolincM7jpfxHDs-iAGOH-Eq0VHcslScvc8548-R5sQI2kXc4tGO2_b_03HoJav8PdHvK4Hq3PXNQJZZT3gqd3tLPmSNxz82tl4TG94rixHNAv7BSPkm5tCuSC9nzjyF0wfhzbG65Izif-2J8Q9ErgBfGOPhpq6ZeU1DKCiOIvHtDfN1kY0gpNHmIkUWojIygfQ831tGnAjI1XoVLia3kLXzhJFNzmK2DuWMbSwnheBGpkYaRhdWs4_iC7zixna40R_HEC_T9AYNFATqnR_AtO9lteoJYtooro9xzNCSFzL81hRQbSKTstV4HCBMLYfJgMzmDZvTeM2YdhKVLcF9UmmYLlEd_oPHmJW5SQagfMN6d_ljDyG1yrp94GOpZm7V0eWv-ONVn04HK6AvftdC5kRQbLrcO9EzHBR4bf9RVXDMu6Atf4ZvACOfyDSquLW3dxLOd0Sup_-y-tasdkZLNc2H9YT8XGDXAcflg89KflmpAWnPmc_cYfdEtz1dAtJ4Q34b9xGIsPfIKwjmIKzsFEAkzk9k1RS-AA0ewve9OoRDFRJlpQRDV9UwnLrbtEniXYQOts_eXD_aSxrRlz2IRNxKpAAcwNPZUqa-tWRetF8RpFNBe-TyrUsW_jcMky9GS0ykBxluzO-Cxeagery0Gs6LArRYR4y4WiYF_-e3DQAJHqTYIvR_cy1ayCp317bz4ybAttFUp00Ici2Nea9xGnreCbgi4xFrtVznZmDHoLlHZYJqvl1ZQTOU6p-bN6NpIjRJ5HQTglV0JZ0PIp5RdcmVcvKwrjlcj-2jKn0km2MJ8ZQe2sXBVdamZbE8IcAXEekM9t8WCQ-xG08UpSjQ-YM6EEKhJeofg_Wl2tWGBIty92videsLHgz7bCKDQHia2Z9VQrl91eUhbGSNLcCsl1jEgDYUpxm74m_uEvOyZ6kPODcT778iWDiCG265A28CaAUs4hwxDYEGFd7epN-UzLfaf0QhYSbjRJpNKsF1Yrjix0CcLH6lvezRfX6miuRCnxSECi9A6G3TYUNgoeNFlTWTn3irrLiBh4QUwovH8EX5G7jjNBE2qT2vz-_lU3eVXLd3qQ&sai=AMfl-YQyFi3HabIC5IXX8bJsQDgwkmCSX6aTlqMmTBdT8Do-L4yXMbIKvM380v3dXDwjvPkznlhJT9Ra8JThQxKbNfqUt4cHp_BIg4Qyfb3jUqUK4hlySyEG2EP5ETnWFClJVqWcCmwKZyaA5UauQ9g1W4vXl673IXKH4UHh0AkrKJAVDvf39hC_8daF4JeZuxNEiuWrneQsM-8VhgeWu9FEz4QO7I75HJ1clFJTq1mOJZB_5GK0RLP6NWOLwKBaTJzgENABmXjndRwGjt0Btpf7qWodKnTE2vOnAkl64yImSv33GLZQN-draPKCObrvCu2QO0x8A2Bymcust5jNm2umNgeaY0F56WOZkvejNIlF6WwvE0uKwEEJ9HkuNfialBkq5gmSFHosRU_Nlkxc6z5uIuioMwnL6Tg7Pq4qn6CsLmaNCvGSSwD0VOPfVPS7Chyw0AOpd7jIyz18uHgmTQuc2qPSF277QbO2EiqFgvWMSGfsSyb0Tjutuxu7KcGczpV8ZNReUQ&sig=Cg0ArKJSzKLLE8Ups8e6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly95aWVsZG9wdGltaXplci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=65&vt=11&dtpt=65&dett=2&cstd=0&cisv=r20231109.43022&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5D0E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
16ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
URL: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:12:53 GMT
expires: Mon, 27 Nov 2023 12:12:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:12:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 web
etpweb.jojoy.io/event/report/ 0
0 169ms
168ms Ping
application/json 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://etpweb.jojoy.io/event/report/web
Requested by: Host: 1558334541.rsc.cdn77.org
URL: https://1558334541.rsc.cdn77.org/nfs/20221104/etpnoauid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pt.jojoy.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A04 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 23:16:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B6C1 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCyewxIdkZZGaM4Kc1fAP_YqhqA0AAAAAOAHgBAI&bg=!R0SlRAvNAAZxrfrxUa07ADQBe5WfOERgZT3IDlarQ1wOnkQJhxZPGfo59XgKuSORm9y2mhqfjUGp9-i97unnw27fZWfmAgAAAFNSAAAABWgBBwoAg8Ts3KFxippZAeypuHlyM2LAh1XKsks4mLftBeMZumjSE1TduUAfj9qwSq9rvOwq2v039lXjEjN2K4ti5B8Ij4nwuYdCUsScflxy1K7fUrOlDXbEafJ6IKHIiq6aqOfIat5uF4amvSz-n0okSiiLjB0A8fZdTOgLZDaNZqObOrXCuJfnmQMBWLTUeI4KhWsjOsblqcM4Difw7J4ceLUvnhPLKtgGD3lDceUf2zEN-KiRrz4V3spunx4PJ-X0Okbj4qZp7eb0FT9E7mLh6xIiUO_uuECViDpNSQcl-esi_bkuk88QrSpXFD1xL7TIMM9JBgvG-2jDsuGkXKjZtQU6EG6iPCLdXB-p6qjt635HPrvV74IBu05BOO7XfNK51pNBia0DKle1MvcUiBP9DSxpR3oVcvngHwwR43XYrPhqhyfLFFUkx8TKgbobVngzN5EE5g59jvJInWwdg-GsEZJ4AVEQbyDva7eGwANbBDzX8qB-FP67jMDB2eFynNx8EZBq2TGGLaCc1f7HtAEzUyqHV_GOZ9V1uHkUprsDJoTTsLgrUL6Y_jM2QHwDsssfKvPKLEvJatGDY8TXPxcHKNH200R8uwRLPOGm7xcNNhDziTZb9gWgVuqAyjRNLU0wiiD0hz2NCTlNdPJH8DK-ss6BZLngCxgMNzq5QdE9fGctas0YrsWMn5OKaWia5IxDQXTY_4vw04frUP1kfFc6-ZYckjtDAtP0UbDPh6AzRpU92-XL0GiuX3szwjVoSblEygxxUqPy4isqheuT9PZbgbr_SoEWHLyh-X3cfajmaBrcWavsOTeuH25DSopqS_p7Ht3r5jqyRntIVGhgGlbI-Ag4Hi5lu3ma3EobYSksJoJxNHHAO1XNW8QGDVgDrpdiBZVI_xeG_zADc46gjY88Ae6OLHf907WxlcilFpYFUGu9sGp1vv6pa7be9CVCpzhXNO7kYc8XNKM0WgR0JRCNFmW1LNZPsugXt0htsomechlpo7nUthuKxjdrJSyxQZGOCyfOqRmlXHxpKIoVwi-tkxK2cZ5ZsYeAJyMpszXC7cZbe-JyZ7C1JHFeW4LqMSysyrneV1VOVCzD41jrALATeBYLdh0qL4B-8Dy1MjCUi-f-MN_q-zSIPhtoRRfDmoYiNnEDKmW8igEKf2my8aWGAlzS0RkmI3gsF4rSX4KWvlvv1nLMz6e-nodZ4w

Requested by

Host: pt.jojoy.io
URL: https://pt.jojoy.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 89ms
75ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68c8743169e3d2ef45064e39d74aca1491ec36ef0800ab0b940a89feef505fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12404
x-xss-protection: 0

POST
H2 204 rum Show response
pt.jojoy.io/cdn-cgi/ 0
140 B 17ms
17ms XHR
text/plain 2606:4700:20::681a:2ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pt.jojoy.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2ee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pt.jojoy.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://pt.jojoy.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 82ca48347c032c37-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 12:12:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3B12 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.jojoy.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 10:45:14 GMT
expires: Tue, 26 Nov 2024 10:45:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 060F 829 B
999 B 16ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9bd0c9d2a9afcc364fc41cca66f233c89ef815fc39ab0cd9dff3f161e5c3b04c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3EcQBTfthjF45KAkRKfR7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pt.jojoy.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3EcQBTfthjF45KAkRKfR7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:12:54 GMT
expires: Mon, 27 Nov 2023 12:12:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B12 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 09:10:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 060F 0
0 40ms
40ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311140101&jk=1516950419750613&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3B12 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bhyyLA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:12:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 406A 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssG7mgLhsyiuDlDVTOHlPAN2BWTjILclkwL_n_gKrotQ7xUi2qiuxF31P06PLltt8CxXeh_lilCVChNHbntfnNnbJeh9nmkHgFokdOHShoo2s_q4_XPh9V-hURFiEEDxP6Mcc0DAXRBObFT&sai=AMfl-YTuxk3HauLCEfnF4GUfORz2Mmu8yleQc6rCoh-8Tn71tasPR3m7WGcNRGG7HNvH52jWnTQx9RFTbhAyq8VUM9fgxLH7ZeQ9lBs2h867iiQiaVoNwSrnsZHSZzESq0TTauQZrU5Twez2ibziXg_-&sig=Cg0ArKJSzFXZNKIt_1CvEAE&cid=CAQSTgDICaaNn_Lsnu2IA7B-tuH_46DC8P9bhxVI-PlBzrHI0nsckEr4RNaVUDbtqQRwaW0068lGbue3j455xTAmpMFz3kAQAI_X_dfAQnv3_BgB&id=lidar2&mcvt=1000&p=100,640,150,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1397100714&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701087172872&rpt=289&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 406A 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6516985338160&version=m202309260101&ct=77&x=1&cor=743111323498223200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C58A 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8ap_eQLFyXUFX8-hvXYIWZ-yFz5AfjWTOM4246xiko_wDJvQYN59sQvGlLk-8KX-ieLYyWvms1KYZD_RoXXAvRDRh3hMZ4y6D2kwAJYZkeDx9EL7CAiWi_v2bjfRy-oQXV9NlQNtQr4dL&sai=AMfl-YTUK7XS0T29PLtbpBee-i8-Cj0TTOPZvJrowGo6Xu9NF9s6cNKD09a_E5iD8MKax1ZJlqFat5rVCRXxVho_fnfeYYSb-nqplDVFTJKSbb_YqZ9XsQ01yDHmlIOYR9VlTGV8kxO4bGeQf_PgSUuE&sig=Cg0ArKJSzLYvxWMPpC73EAE&cid=CAQSTgDICaaN-YfrokPt1DBmbFRqAEZsbG2cviPOO_sAqV0St_t4JaTYnBH0e4SBgHkxpgn_Gm4EcVSu1h2w2_MITlAB-ZjrdehngnsheBHYThgB&id=lidar2&mcvt=1000&p=709,650,977,950&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=20&adk=3261659983&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701087173319&rpt=170&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311140101&jk=1516950419750613&bg=!np2lndLNAAZxrfrxUa07ADQBe5WfON2LRYemfGmJnKXrWsm7Q0jO9KuyNyZdgRGFLPgw_3CZKZCiOeifg0If3gYU5D4GAgAAADpSAAAAAmgBBwoAFOT0JWXPGXpqtTWEMwIaLhSZVfkSmQKvyyFFrHmHRiWZbL3bRqke9hjE8W-NTDuIQWfxHIFnBFq9zoCkRyVoB1fFNhbazwXkN5ucLMgf6nSIncDpdUa7kFCYHFwVuSy68jKYgGASOTsuQPiSzGmKfmopaK68FrSOvAgyyOYOvWx_pTMQzDTWeq5MUvJWXR2MgP_H9Tgh7Qll7HrTVg_q_e2E0BhxlBdxsTAi53LhxUG9pSCuTi5B2sUbzdbdGWgHNDORxHmX6-R30qCNp-12JdLwkhwq-Bh9mHJv6X_HGt8a62IuxePKmsBOqWo4rolZqQkySd2YeUQ429ZeHr6aB_IgJmliOIqjrYQjcvw89YjKPTMT_WyHL7KcknioT3gl3kT4t6RpnJuJ8bSirSDUs5e8zNojz4eG3vU2U-N7MCRcEQ62ZRc5TP4u75j5inDnZvKIEka-ghgA1TLDFW72fjTSVOI0Ny5HOtW39CiPoEMOY7jOady42X01tQMG6IrLPbYYLAR1CL-PrYNiZO0zdJUC-Ntv3wivhEilBL3xdRfL7sEzpf6DK9CpZfuQEgwaJAxK36xK9gBTAfSPApNs0i_Lv-Io3jpDhrBYlpXQsRcfhFQ7zAmzXMusDJjUO8tT6G9vohy8j_P05OVHzxRRXWdKpAtGVheIpsdhMsLh9dFrj2nhdQdE51JIHEG1MFUZ10XxOhpZhSdWpdsB9ZJUeuaRAFVvH7ZCEyEvuQY0pS77H_dz-cQE9Fp4qXPadpGKwhDupeNsDHg15_cv-y8qDACbb_WoHidY5HGKg0ZH1Avji8iW7XhLdz9Qg-GW1dU_sv2uhhllfNgMPqZZ7NfkUTVsP9hYWJd2u0_Gf97WkiPXo9-7wWJkmfF3hgpjLhxA88JTl4y-Q0SVVkVB6OlEwk0zNOOAIkcI45evHTUuSZGnR3GhFWkX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
792 B 130ms
129ms Ping
text/plain 23.37.226.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-99.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pt.jojoy.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 9ef5196c.1e008461
date: Mon, 27 Nov 2023 12:12:55 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-95.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 115,23.37.226.95
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=29, inner; dur=26
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231127121255EA1C3CB28E390A0E89F1
x-cache-remote: TCP_MISS from a23-218-223-15.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,23.218.223.15
x-tt-trace-host: 01071338e576d3120912a2d25762897a4e2ae9e35b996512339ade9456a647bf1668631491d84323d2a5f54985ac72af1e73f00f71a25db91a75f61cc475c375b8ca4e69a67532be204cf3889d7738f15acbd6f9e0a01c3ccce67d78beb36642786ef7f5b53cbe99ffcd14f0551f3c8776
access-control-allow-headers: Authorization,*
expires: Mon, 27 Nov 2023 12:12:55 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K1JQDTLMBD&gtm=45je3b81v880828155z8871123441&_p=1701087172448&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2075358885.1701087172&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1701087172&sct=1&seg=1&dl=https%3A%2F%2Fpt.jojoy.io%2F&dt=Jojoy%20-%20Free%20Download%20MOD%20APK%20Games%20%26%20Apps%20for%20Android&en=browser_type&ep.action=check&ep.category=chrome&_et=1&tfd=25650
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K1JQDTLMBD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.jojoy.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:12:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pt.jojoy.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jojoy.io/	1970-01-20 16:32:05	Name: sajssdk_2015_cross_new_user Value: 1
.jojoy.io/	1970-01-21 02:07:27	Name: sensorsdata2015jssdkchannel Value: %7B%22prop%22%3A%7B%22_sa_channel_landing_url%22%3A%22%22%7D%7D
.jojoy.io/	1970-01-21 02:07:27	Name: sensorsdata2015jssdkcross Value: %7B%22audio_id%22%3A%22124.04347527516074%22%2C%22distinct_id%22%3A%2218c10b256a44c8-0eb07efb4b5c378-61325e53-1920000-18c10b256a582f%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22direct%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMThjMTBiMjU2YTQ0YzgtMGViMDdlZmI0YjVjMzc4LTYxMzI1ZTUzLTE5MjAwMDAtMThjMTBiMjU2YTU4MmYifQ%3D%3D%22%2C%22installed_at%22%3A1701087172263%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2218c10b256a44c8-0eb07efb4b5c378-61325e53-1920000-18c10b256a582f%22%7D
.tiktok.com/	1970-01-21 01:53:03	Name: _ttp Value: 2Yl59JuykaOPsVOdebwj2U2QNR1
.jojoy.io/	1970-01-21 01:53:03	Name: _tt_enable_cookie Value: 1
.jojoy.io/	1970-01-21 01:53:03	Name: _ttp Value: 4ol_c6_uY37yXqlEKixdtugNckT
.jojoy.io/	1970-01-21 02:07:27	Name: _ga_K1JQDTLMBD Value: GS1.1.1701087172.1.1.1701087172.0.0.0
ou.samogonmarvy.com/	1970-01-20 16:32:53	Name: GL_UI4 Value: eJw9jd1Og0AUhKH8VS3oJDyAj8C2Iu2l8SG8JGfZU4qF3WZZIb69GxO9mi%2BTbzJBEGzKR4RLmiD6ohrPQjaKGz7ulRTi9UCyIXF42XOt%2BHyq6Yi7YW4dyZFdjO08kXWtW2LsetZsh67tjOIcT976a67arDpGIi1plSOZvDHmyKQ168y2jBBrmhjp%2B8Uan8lEn8YiEuLkedCewwobM5dRcY%2FsY9DKD4sdNqIqijTAw20kdzZ2ageVhkh6S4oRvmHbkePe2G9kiuerMzfAjKr9939%2Fo1VUSBUvQ%2BfPjbuw%2FQGUrE67
ou.samogonmarvy.com/	1970-01-20 16:32:53	Name: GL_GI10 Value: eJwVi00KwjAUBpMHVgURPuwBeoJC7caurdqNh3jEKEHyw0sUvL3tZgYGRilF9Q7kEvZdf2q7YWgX9UfoF2i8gEzA%2BmbFc%2FhBC2iamwSsJpuzhTbAVTi8nx8pDfvmzi5AO2xGLmzYJ1DI2J6jpChc5iNVGlTiwvyoFfS3OvwB6tcfbw%3D%3D
.jojoy.io/	1970-01-20 16:32:53	Name: _gid Value: GA1.2.647705961.1701087173
.jojoy.io/	1970-01-20 16:31:27	Name: _gat_gtag_UA_237085958_4 Value: 1
.jojoy.io/	1970-01-21 02:07:27	Name: _ga_470YMXWLKF Value: GS1.1.1701087172.1.0.1701087172.0.0.0
.jojoy.io/	1970-01-21 02:07:27	Name: _ga Value: GA1.1.2075358885.1701087172
.jojoy.io/	1970-01-21 01:17:03	Name: _ym_uid Value: 170108717339991639
.jojoy.io/	1970-01-21 01:17:03	Name: _ym_d Value: 1701087173
.mc.yandex.com/	1970-01-20 16:31:27	Name: sync_cookie_csrf Value: 650339779fake
.yandex.com/	1970-01-21 02:07:27	Name: i Value: flOyyFlm96I71wfy6H31zMo8rNm1gilv9VjSyHgccvMS58phZMyCJjgd+QZ1EA30bykpnh0u7I7gSYzqfHi2/iPuNqM=
.yandex.com/	1970-01-21 01:17:03	Name: yandexuid Value: 1387855081701087172
.jojoy.io/	1970-01-20 16:32:39	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 16:31:27	Name: sync_cookie_csrf Value: 25019111fake
.mc.yandex.com/	1970-01-20 16:32:53	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-21 01:53:03	Name: IDE Value: AHWqTUlOmG0Zn2swLS9Ro_aR_d2fU2XDeJU4F56a_VpPFV4ap74d2vjB8HuVMH0H
.yandex.ru/	1970-01-21 02:07:27	Name: yandexuid Value: 1387855081701087172
.yandex.ru/	1970-01-21 02:07:27	Name: yuidss Value: 1387855081701087172
.yandex.ru/	1970-01-21 02:07:27	Name: i Value: flOyyFlm96I71wfy6H31zMo8rNm1gilv9VjSyHgccvMS58phZMyCJjgd+QZ1EA30bykpnh0u7I7gSYzqfHi2/iPuNqM=
.yandex.ru/	1970-01-21 02:07:27	Name: yp Value: 1701173572.yu.1861630261701087172
.yandex.ru/	1970-01-21 01:17:03	Name: ymex Value: 1703679172.oyu.1861630261701087172
.casalemedia.com/	1970-01-21 01:17:03	Name: CMID Value: ZWSHxMDfMnaaz6aw9FJwbQAA
.casalemedia.com/	1970-01-20 18:41:03	Name: CMPS Value: 5196
.casalemedia.com/	1970-01-20 18:41:03	Name: CMPRO Value: 5196
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2409605281701087172
.yandex.com/	1970-01-21 01:17:03	Name: yuidss Value: 1387855081701087172
.yandex.com/	1970-01-21 01:17:03	Name: ymex Value: 1732623172.yrts.1701087172
.yandex.com/	1970-01-21 01:17:03	Name: bh Value: KgI/MA==
.adnxs.com/	1970-01-20 18:41:03	Name: uuid2 Value: 3436014056939058373
.jojoy.io/	1970-01-20 16:31:28	Name: _ym_visorc Value: b
.adnxs.com/	1970-01-20 18:41:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2H`gN(xTm!@wnfH8K6pQK`!5=E<*L5?%Lte772E0.Y<3C1`#Vj))so^kT<?9NzT[Yy)<t%nugO%v4VB%nlj^)btEv
.doubleclick.net/	1970-01-20 20:50:39	Name: APC Value: AfxxVi67HQHidear2Rxb-Vv8E4hd2Q9i5imcwSt7fi3p8UooQpRukA
.doubleclick.net/	1970-01-20 17:14:39	Name: ar_debug Value: 1
.jojoy.io/	1970-01-21 01:53:03	Name: __gads Value: ID=30ec76b0d50746d5:T=1701087172:RT=1701087172:S=ALNI_MbRWUfTVXSNZKt8QRUnpe8tcwD2SA
.jojoy.io/	1970-01-21 01:53:03	Name: __gpi Value: UID=00000ce114a6bf24:T=1701087172:RT=1701087172:S=ALNI_MY8IIQ2qX_ZqWZykpM_rEy73Tf0xA
.yieldoptimizer.com/	1970-01-21 01:17:03	Name: ckid Value: 3017930621751
.yieldoptimizer.com/	1970-01-21 01:17:03	Name: itk Value: xgDO1MDOfVzN4AzM3QzNzQTM4MDM%3DgzN
.doubleclick.net/	1970-01-20 16:31:30	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1558334541.rsc.cdn77.org
4db295b186f3e3482bc1a6407acd7087.safeframe.googlesyndication.com
ad.doubleclick.net
ad4m.at
ag.yieldoptimizer.com
analytics.tiktok.com
api-ad-admin.jojoy.io
as.ad4m.at
assets.ad4m.at
cdn.ezjojoy.com
cdn.topmongo.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
etpweb.jojoy.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
jojoy-app-files.acelitchi.com
jojoy-app-files.ezjojoy.com
mc.yandex.com
mc.yandex.ru
ou.samogonmarvy.com
pagead2.googlesyndication.com
pt.jojoy.io
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.cloudflareinsights.com
tpc.googlesyndication.com
upy.happymod.cool
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
130.211.12.42
142.250.184.198
142.250.186.66
142.91.159.80
185.89.210.20
2001:4860:4802:34::36
23.37.226.99
2606:4700:20::681a:2ee
2606:4700:20::681a:bd1
2606:4700:3036::6815:38b4
2606:4700::6810:3965
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82b::2016
2a00:1450:4001:830::2001
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a02:6b8::1:119
2a02:6ea0:c700::17
2a02:6ea0:c700::21
2a06:98c1:3121::3
54.207.134.111
54.94.186.21
003984ded3f919033ee5890d542d3fb8c6974709144e83ced22738ad95a4a1d8
0742124a7f846501b44e02130f2d605e9f9142d4373b2d002a73b214b8adeb4c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0ca6c3dc8486c1758db620358bf9c2201b83cf02ec75d40760db17bc7a81bf33
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
203109034eeb27d4fb79fd6122dfb38f99876683c2dc0b3410462a26a71c037b
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
25eb6d5af2bf0bc52762791ec699f0b0465f8ce86b8b167d4889312e1bef6cff
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f05aeaddc044eee89df5eeb59e1d08ff94de876562d68a2ed29ea09ab4efcaa
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34f96019936e8b0ada1c2bf106cc90136fa264fc24c5855d2da5454134029ca1
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43745c43ac57a8cb73639d8773eb46fb6401618d55afec5324746e0f93fe8d18
453b46da497d344121f50bd9b9bc4eb0664c1120d36377703fdbe23cb4515985
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4991714f172a661f71dc1ebb05fd7b5ac4d4cbe9f0bc41b12a3170165f1745ba
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b9d9ea33bdad8831a86723c1ba70dec24d841784792b54bb484878dd4b811e2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5ffac4e454b21ca0a405b46201669533f46567e18598f0fef746fc04871af41e
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622bb69f0e0fe89e07361f63f220ee72439711e86297260160335fdaa6e8696d
64dcf1038e4e245582dd4fde1d779a9f74334f21912bd874fa55d95b032f104f
67acdb19dace362ed13b91b1ba34f35b0f3a73c937262c3cf1cc50218a4b1c81
68c8743169e3d2ef45064e39d74aca1491ec36ef0800ab0b940a89feef505fa5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70d57e656b8622fad4061d8844dcc1cd6a2d0c5d692e8ed8b9f11b37969f72f4
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
7fc3a1a7614e68c095ed0511980df26a21427ed1a898ca67023e368365b15c17
84d42abffac688d78da37b59281944acc73f799909bfead3d70cdb5983f8ce70
8717067bbb1fe0aac07273b800501d0cfb8f2463db1686e7148379dbb34310bb
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd
8a6257cf024c224974a56902c2f2f31f46fcb111cb6e94f1b5f89810f37b51fa
8ee2d13c8d7a812c65923e28ae8e7be68e0566d9d158661d542a4905d6c10ac5
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
9782c9035a30b966ad1bbfbade6f0265fe05c4a3540c3506faa5956f70f814ee
9a3ca67645c2357a06ff7a6acc2dfe01e2c07de8938c4176fc6e7c057fda77e5
9bd0c9d2a9afcc364fc41cca66f233c89ef815fc39ab0cd9dff3f161e5c3b04c
9f677676f89690e84f326fd4ab70c3744eca725181c31c3026df78783a1bc321
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a214dfaa2f19ec724170856ad6df2576600b10e7e5633f6c1484781e19cb4a8c
a4f42e91495ef14885798347a4dc1bccd8598dc51a7404f524f7d6161b327338
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
c151912c5cc34d3bb299ea73b95b532a00d8715e47e32aadd01e688bc9e7dab3
c33f40ab939ca2d48b1aae408ad1a69c0d758f0d8cccf8fab6d78ec5a8524f54
c3d606568f389989dd02561ca2b0d20d29eeb477ed633a690a518879748f487a
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4f72fc56e5e0fdc96b0326360d1f279061b37bb56a178a974e5e85b33c64d2a
c692935b053e4db6e07dc094e894db98d764ce40ce585193a96d8915e85ae932
cdf98ed996fa74c4ffb6aa06ec2ee40ca17c502a6c1c1fbfb84e1dd9477f972e
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0e682d27de48f7ab183cf54a2e505bda47f07026656f218c79cdf6682c1332b
d51cc26647d74c56e338fdf38628e59e8fadbf326c6f01405f62747e6348a777
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de844ab516b84b9d73e284ee9fb5bacdb73992eb959a67c2c0b8412fa3e223f9
e28f2dd1e46699a744ddae119d0b6beeb1d2ff4058c582ae843077cece5fff60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74d93756c675c8c2a65e74ba3a04b8b77bb0854ab5611f17ee4457784257cae
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f81b64085ef29f399fb168df277b79723b3722d4dd0a31fe262704c334ad7d52
f9d15757f2a9f00eac64207b3e4042a4c791e8116dcc8e0ab9aa9fdb3a86dab7
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
fcac0e9300d7e73cdd3c3d305fb34e1a6a28eb84d28453dbf5a208a8aeb9ed00

pt.jojoy.io Open in urlscan Pro 2606:4700:20::681a:2ee Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

90 %HTTPS

72 %IPv6

25 Domains

37 Subdomains

31 IPs

6 Countries

2593 kBTransfer

5980 kBSize

44 Cookies

24 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pt.jojoy.io Open in urlscan Pro
2606:4700:20::681a:2ee Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

90 %
HTTPS

72 %
IPv6

25
Domains

37
Subdomains

31
IPs

6
Countries

2593 kB
Transfer

5980 kB
Size

44
Cookies

127 HTTP transactions
3 data transactions