URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Submission: On January 23 via api from IE — Scanned from DE

Summary

This website contacted 64 IPs in 10 countries across 55 domains to perform 395 HTTP transactions. The main IP is 104.196.130.246, located in North Charleston, United States and belongs to GOOGLE, US. The main domain is www.myjoyonline.com. The Cisco Umbrella rank of the primary domain is 242495.
TLS certificate: Issued by R3 on December 14th 2022. Valid for: 3 months.
This is the only time www.myjoyonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 104.196.130.246 15169 (GOOGLE)
4 2606:4700:e2:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
2 18.66.15.115 16509 (AMAZON-02)
6 23.48.1.62 16625 (AKAMAI-AS)
3 13.32.105.95 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 44.195.176.242 14618 (AMAZON-AES)
1 2a04:4e42:600... 54113 (FASTLY)
4 35.190.38.143 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.203.125.156 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 162.19.138.120 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 2600:9000:223... 16509 (AMAZON-02)
2 162.19.138.119 16276 (OVH)
1 108.138.4.150 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
4 70.42.32.31 22075 (AS-OUTBRAIN)
2 146.75.118.132 54113 (FASTLY)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
96 2a00:1450:400... 15169 (GOOGLE)
7 14 142.250.180.230 15169 (GOOGLE)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.66.97.8 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 178.250.2.146 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 34.254.104.103 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
45 2a00:1450:400... 15169 (GOOGLE)
2 35.190.39.111 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.244.159.8 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 64.233.184.154 15169 (GOOGLE)
8 15 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 185.29.134.244 30419 (MEDIAMATH...)
20 142.250.181.226 15169 (GOOGLE)
1 1 151.101.2.49 54113 (FASTLY)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
2 2 172.64.154.237 13335 (CLOUDFLAR...)
2 2 72.251.249.9 32475 (SINGLEHOP...)
4 4 176.34.141.217 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 52.223.40.198 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 37.157.3.20 198622 (ADFORM)
1 1 23.203.124.21 16625 (AKAMAI-AS)
2 2 37.252.171.85 29990 (ASN-APPNEX)
3 3 3.64.156.82 16509 (AMAZON-02)
2 2 52.30.109.223 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 2600:9000:211... 16509 (AMAZON-02)
395 64
Apex Domain
Subdomains
Transfer
151 googlesyndication.com
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 156
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
2 MB
87 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
ad.doubleclick.net — Cisco Umbrella Rank: 192
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
bid.g.doubleclick.net — Cisco Umbrella Rank: 699
cm.g.doubleclick.net — Cisco Umbrella Rank: 216
498 KB
31 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1939
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
54 KB
15 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
712 KB
12 myjoyonline.com
www.myjoyonline.com — Cisco Umbrella Rank: 242495
409 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
gcdn.2mdn.net — Cisco Umbrella Rank: 1170
r1---sn-5hnednsz.c.2mdn.net — Cisco Umbrella Rank: 456385
2 MB
10 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
160 KB
10 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1273
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3118
odb.outbrain.com — Cisco Umbrella Rank: 1473
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5618
mv.outbrain.com — Cisco Umbrella Rank: 2746
124 KB
9 vuukle.com
cdn.vuukle.com — Cisco Umbrella Rank: 16282
vuukle.com — Cisco Umbrella Rank: 5652
api.vuukle.com — Cisco Umbrella Rank: 29823
publish.vuukle.com — Cisco Umbrella Rank: 19325
279 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 427
139 KB
6 remixd.com
tags.remixd.com — Cisco Umbrella Rank: 19049
pubcast-files.remixd.com — Cisco Umbrella Rank: 19847
player-files.remixd.com — Cisco Umbrella Rank: 20789
49 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 387
110 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 22
region1.google-analytics.com — Cisco Umbrella Rank: 2439
21 KB
4 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2206
2 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8470
1 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 938
id5-sync.com — Cisco Umbrella Rank: 393
35 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 293
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492
49 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 846
178 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 276
1 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2596
google-bidout-d.openx.net — Cisco Umbrella Rank: 2546
717 B
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 385
mug.criteo.com — Cisco Umbrella Rank: 2848
7 KB
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 10023
flint.defybrick.com — Cisco Umbrella Rank: 9627
20 KB
3 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 8964
log.outbrainimg.com — Cisco Umbrella Rank: 2382
1 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1447
mab.chartbeat.com — Cisco Umbrella Rank: 2199
25 KB
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 31885
1 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 413
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 590
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 595
1 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 434
1 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 702
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 813
917 B
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 6206
360 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1039
bcp.crwdcntrl.net — Cisco Umbrella Rank: 904
10 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1365
93 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1057
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1305
640 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
119 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 679
443 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417
714 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1323
1 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1808
173 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 301
265 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 636
463 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 11998
554 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 554
543 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 357
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2788
2 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 5447
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2762
8 KB
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3255
625 B
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2561
42 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1202
201 B
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
395 55
Domain Requested by
96 tpc.googlesyndication.com www.myjoyonline.com
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
cdn.ampproject.org
imasdk.googleapis.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
45 pagead2.googlesyndication.com securepubads.g.doubleclick.net
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.myjoyonline.com
www.googletagservices.com
googleads.g.doubleclick.net
26 googleads.g.doubleclick.net cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
26 securepubads.g.doubleclick.net www.myjoyonline.com
cdn.vuukle.com
securepubads.g.doubleclick.net
www.googletagservices.com
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
20 cm.g.doubleclick.net www.myjoyonline.com
googleads.g.doubleclick.net
15 www.google.com 8 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
15 www.googletagservices.com securepubads.g.doubleclick.net
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
googleads.g.doubleclick.net
14 ad.doubleclick.net 7 redirects cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
12 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
www.myjoyonline.com
12 www.myjoyonline.com www.myjoyonline.com
10 cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 s0.2mdn.net tpc.googlesyndication.com
7 fonts.gstatic.com fonts.googleapis.com
6 cdn.vuukle.com www.myjoyonline.com
cdn.vuukle.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 widgets.outbrain.com www.myjoyonline.com
widgets.outbrain.com
5 fonts.googleapis.com www.myjoyonline.com
securepubads.g.doubleclick.net
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 match.360yield.com 4 redirects
4 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 use.fontawesome.com www.myjoyonline.com
use.fontawesome.com
3 x.bidswitch.net 3 redirects
3 player-files.remixd.com www.myjoyonline.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.myjoyonline.com
3 c.amazon-adsystem.com www.myjoyonline.com
c.amazon-adsystem.com
2 r.scoota.co 2 redirects
2 secure.adnxs.com 2 redirects
2 c1.adform.net 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 ap.lijit.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 sync.mathtag.com 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 r1---sn-5hnednsz.c.2mdn.net cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
2 csi.gstatic.com imasdk.googleapis.com
2 imasdk.googleapis.com cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 oajs.openx.net 1 redirects www.myjoyonline.com
2 gum.criteo.com 1 redirects static.criteo.net
2 mcdp-nydc1.outbrain.com widgets.outbrain.com
2 log.outbrainimg.com widgets.outbrain.com
2 cdn.confiant-integrations.net cdn.vuukle.com
cdn.confiant-integrations.net
2 flint.defybrick.com rock.defybrick.com
www.myjoyonline.com
2 id5-sync.com cdn.id5-sync.com
2 region1.google-analytics.com www.googletagmanager.com
2 cdn.id5-sync.com www.myjoyonline.com
securepubads.g.doubleclick.net
2 tags.remixd.com www.myjoyonline.com
tags.remixd.com
2 static.chartbeat.com www.myjoyonline.com
2 www.googletagmanager.com www.myjoyonline.com
1 s.ad.smaato.net 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 cs.media.net 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 match.adsrvr.org googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 ads.travelaudience.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 www.gstatic.com googleads.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 mug.criteo.com www.myjoyonline.com
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 mv.outbrain.com widgets.outbrain.com
1 odb.outbrain.com widgets.outbrain.com
1 id.a-mx.com cdn.vuukle.com
1 cdn.jwplayer.com tags.remixd.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 rock.defybrick.com widgets.outbrain.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 widget-pixels.outbrain.com www.myjoyonline.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 publish.vuukle.com cdn.vuukle.com
1 api.vuukle.com cdn.vuukle.com
1 vuukle.com cdn.vuukle.com
1 pubcast-files.remixd.com tags.remixd.com
1 mab.chartbeat.com static.chartbeat.com
1 ping.chartbeat.net www.myjoyonline.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
395 87
Subject Issuer Validity Valid
myjoyonline.com
R3
2022-12-14 -
2023-03-14
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2022-05-06 -
2023-06-03
a year crt.sh
*.remixd.com
Amazon
2022-03-11 -
2023-04-09
a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-03 -
2023-04-04
a year crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2022-12-19 -
2023-12-30
a year crt.sh
pubcast-files.remixd.com
GTS CA 1D4
2022-12-01 -
2023-03-01
3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-11 -
2023-03-15
a year crt.sh
*.eu-1-id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
rock.defybrick.com
Amazon
2022-05-09 -
2023-06-07
a year crt.sh
*.id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
*.google.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
jwplayer.com
Amazon
2022-11-27 -
2023-12-25
a year crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA
2023-01-16 -
2023-04-16
3 months crt.sh
player-files.remixd.com
GTS CA 1D4
2022-12-10 -
2023-03-10
3 months crt.sh
*.confiant-integrations.net
E1
2022-11-24 -
2023-02-22
3 months crt.sh
*.google.de
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2022-12-02 -
2023-03-02
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-13 -
2023-04-15
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-04 -
2023-03-31
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2022-12-30 -
2023-03-30
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
cdn.prod.uidapi.com
R3
2022-11-29 -
2023-02-27
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4
2023-01-21 -
2023-04-21
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2023-01-03 -
2023-03-14
2 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2022-12-14 -
2023-03-14
3 months crt.sh

This page contains 57 frames:

Primary Page: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Frame ID: 377D2FF04BB28405D7B89C72C50EC467
Requests: 108 HTTP requests in this frame

Frame: https://cdn.vuukle.com/widgets/sharebar.html?version=2.17.9
Frame ID: 6A91D8E5BA2ADBDFD942FBC9AE4D19A2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Frame ID: 402C8033486B31A7D8C9EE028E0AF4E9
Requests: 7 HTTP requests in this frame

Frame: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C30370967E945F2AF79F13A0E6E76EE4
Requests: 1 HTTP requests in this frame

Frame: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2E6EF3A847D8031ED0D03DE5F8AB4D83
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.myjoyonline.com
Frame ID: 667D8D4BD773469E8C12D9F48C975709
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Frame ID: 5E9748EE9B719BAE61607857F534B685
Requests: 23 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Frame ID: 1C49FEBCAC227621CEA6BABA1B62F562
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Frame ID: E4D5402190B41687DA1D9EA2E88DCCCE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Frame ID: D2ABE3F3DBD0DFD555DBC447A1FBB443
Requests: 8 HTTP requests in this frame

Frame: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9ACB577291E108F0E466E0827AF4ED39
Requests: 13 HTTP requests in this frame

Frame: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 273079ED92FE8F149592CC9B9A12BBF7
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Frame ID: B35C720239DAFB3EE0DB1813BF6AD2DD
Requests: 13 HTTP requests in this frame

Frame: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F9A90E195D82E1C82476981785950C72
Requests: 8 HTTP requests in this frame

Frame: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 566D9DE104C3E63B36E5172FE771357F
Requests: 8 HTTP requests in this frame

Frame: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B34DDC86D210D1F8732E71C9D7231285
Requests: 8 HTTP requests in this frame

Frame: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E3769DE5E4A7962A6577F61135EF4F4C
Requests: 8 HTTP requests in this frame

Frame: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C06F0A3722BD346575E4DF8E91518992
Requests: 8 HTTP requests in this frame

Frame: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 12C2212883133EF6FBF7FAE0C1849BE5
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Frame ID: 9B906E2956B5143B7E7CC3A687CA6B77
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 14D9E79162C87369E3D9648BA40ACEB5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Frame ID: F8C81F8B1FBECB30A773832B6D915FF5
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/index.html
Frame ID: 3EE51D7D20CF6A7DDA9478EEECA453DC
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Frame ID: B4E0ED8C681C0E017C9E74DE4D709675
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/index.html
Frame ID: 3BFFD51479167BA92626A4D4EB8182AB
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html
Frame ID: 63E91FF1A37AE2F735DADA098F294406
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Frame ID: F93E4BED366ABC3514016F4C06774C77
Requests: 23 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 0B4FC824EB8900754AFDE2877B401D46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/zrt_lookup.html
Frame ID: DA7E6F1DEB7DF38F7D706AD164AA1DE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B771601AA4FA42F809B9920462DDBD06
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 98966AF813EC8C78A7F985EFCE4B28E6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A81D29FD2FA1DB7C7FBA9A87612791C4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 234AC86FEFDA6352584DA813D8B431A9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 90D5CF40EAA2A92E64CC21B6DD261B4D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AFE730AB750EC15E16D9084774366013
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751418289&lmt=1674480128&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=6&bdt=753&idt=565&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&nras=1&correlator=8068862756404&frm=23&ife=4&pv=2&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.c43lynr10gpo&btvi=1&fsb=1&dtd=876
Frame ID: AF43347415C2B38FA55C6214956B9AED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Frame ID: 67667106855D336AFD3172E6A6F95CEB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751417949&lmt=1674480128&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=6&bdt=767&idt=659&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.1dek23ns65hx&btvi=1&fsb=1&dtd=958
Frame ID: 698BE686F3E450E5B05D7015FE1A39F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Frame ID: F15E7D7C926A0456029E96F6E83282C0
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: EB57EE166A5CD1645F38EE1B36434A3B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751417939&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=4&bdt=900&idt=445&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&nras=1&correlator=5654113976534&frm=24&ife=3&pv=2&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.v0gxl9v55dyn&fsb=1&dtd=933
Frame ID: 997F148B104C14BDD888BC1DEB0E64D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Frame ID: F7361037D7BA67103B39CF454B7EE349
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B19C9A855A8718360BF0AD2046EFF3A6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E02B9FC7A719D545175A9DC1D71CAA6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 53FE0E65AB2FAE52D1338ABCC3F668B0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 20DE472B5221B3E2BD959047F7451B46
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CE215D81B8A569A6CE805C32385FDD2E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC5509CA609EAE192227C826754FD99A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F646E8925065C2D93369D1957CC02F7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 547158320B4DFDC55C041C47DD3156FD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3ED3926314C00FF5041E02681ADAD080
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 740E6687145A4A92BC616BB0A1DBA6EC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 416A5ADB552035FA1DF77788BB65C677
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 6301CCAF2DAC5B8C9CEF2FAB599A6AA6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Frame ID: 89D234E4A2D74849E1780072684A9638
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EACD356A9B6541A9E06A577B2ED5B1E5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 869C55F4004E4DA100123133C24CEE47
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Crypto founder charged with $700m financial crimes - MyJoyOnline.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

395
Requests

93 %
HTTPS

52 %
IPv6

55
Domains

87
Subdomains

64
IPs

10
Countries

6828 kB
Transfer

16675 kB
Size

46
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&rid=esp&cc=1
Request Chain 96
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=1138718664;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CIe4-cjk3fwCFSPOEQgdL8ICbw;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=1138718664;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 103
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=myjoyonline.com&sn=ChromeSyncframe&so=0&topUrl=www.myjoyonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=JDtoYXwvM1Y0bE94N2xWRFJieGdYNnpMTUJGUGhDRDk2Q1JLSEhDMmR6cEw2UHQ0c3U3L3dUMUorYTlLZnJlSUFZN0ZkZlNYVFRSWEk2VFN2K1BkTXlOQndtUzhzdU4zWmVwanRIVVdlQlRWaHo3andkeEZZUy9XSCtjQVpjMDhFYnRkTjVkdnNKWG83SVc4Q29PeW1ZK0czOFJEOFlpVVRUZnhvVlFmem4zQ1hYVTlxZEtOY04zRVdQTTN2MDF2VHhNMENaa2lkR0VtSFJrRnVzK0g4ZkFkTDY0UHZLZ3UzQ28vVkx1bkxmWk84R3gxekkvRlJJSHZDL1lzTDBKNFg3N0xsTW1MRk9oM3pYUE8rclBSTncybzl4dz09fA&cppv=2
Request Chain 179
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2591882938;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_pre=CMqNo8nk3fwCFSrzEQgdcRgFXw;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2591882938;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Request Chain 181
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_trk_aid=546295868;dc_trk_cid=184452513;ord=2355410536;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CLmeo8nk3fwCFa-c_QcdCPMMNw;dc_trk_aid=546295868;dc_trk_cid=184452513;ord=2355410536;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Request Chain 185
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2694559607;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_pre=CLTVpMnk3fwCFbST_QcdW08L9g;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2694559607;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Request Chain 191
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_trk_aid=546418159;dc_trk_cid=184123406;ord=2545364839;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_pre=CJjEpcnk3fwCFRXVdwodnaoGLQ;dc_trk_aid=546418159;dc_trk_cid=184123406;ord=2545364839;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Request Chain 195
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=268517420;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CO_iqMnk3fwCFWiTdwodsbsN2g;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=268517420;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Request Chain 199
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=367337548;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CMHcqsnk3fwCFeHIuwgdzl0IWQ;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=367337548;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Request Chain 272
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 276
  • https://gcdn.2mdn.net/videoplayback/id/d6d592b36afed1d5/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542020/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/624A1F4607B2EC5D51D56E0241D490BF80C52ED9.50755E7EB456410CD398D1899F1849AF7DEB6888/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-5hnednsz.c.2mdn.net/videoplayback/id/d6d592b36afed1d5/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542020/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0830CAB3A9637840C2B8C56513C492C9B19E5792.638DA4D7824FA0AB821C6544E09B0B15D4A51A9D/key/cms1/cms_redirect/yes/mh/1k/mip/2a03:1b20:6:f011::5e/mm/42/mn/sn-5hnednsz/ms/onc/mt/1674479107/mv/u/mvi/1/pl/48/file/file.mp4
Request Chain 279
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 280
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 281
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 313
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 316
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 317
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 489
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDwdeTuRCYWsVjUxmRcxQiQ&google_cver=1&google_push=AavPq0N8G9t4YJo88Z9n2TV_0haIERAlg1raLNaLqAAjXcOkKh-lPIpG63GRTD5oQ3Qd0fo3B6g6A5Y6Ds3NdlbzJlZ29FYy3wwoCg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0N8G9t4YJo88Z9n2TV_0haIERAlg1raLNaLqAAjXcOkKh-lPIpG63GRTD5oQ3Qd0fo3B6g6A5Y6Ds3NdlbzJlZ29FYy3wwoCg
Request Chain 490
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBUprFaBMA2II2Y700zOmvg&google_cver=1&google_push=AavPq0OmLzVnVukNeY-JhdKJd0zRvcqpx23a_wE8NuLAko7RRxroNiZCfkxG_98RUltjUh1e-0Jj6CqfJNrdgFXgRF0f3AzaY6Wto2Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBUprFaBMA2II2Y700zOmvg&google_push=AavPq0OmLzVnVukNeY-JhdKJd0zRvcqpx23a_wE8NuLAko7RRxroNiZCfkxG_98RUltjUh1e-0Jj6CqfJNrdgFXgRF0f3AzaY6Wto2Y
Request Chain 491
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMZfslquJDeFp9__S5sLCiM&google_cver=1&google_push=AavPq0PcU-_UbQz2R4gf4GIQQKG-BvCQt_sytkl8FsnAs0FBbWP6rpZYSoKFx6YQbkFWHgCUcuEdXUXMBU0iaoONcwqpoKQ8-8STYKc HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=k4VFk0CFQx6hc4mnJyPmfw2&google_push=AavPq0PcU-_UbQz2R4gf4GIQQKG-BvCQt_sytkl8FsnAs0FBbWP6rpZYSoKFx6YQbkFWHgCUcuEdXUXMBU0iaoONcwqpoKQ8-8STYKc
Request Chain 492
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGub2njBkcvGvLajXeiGypA&google_cver=1&google_push=AavPq0P9nubESXMDGS8lQQ2iseVJWXTnmxkNOMUutO0XrUH051oT_pEGAyzPZSsgXBotUKZKe3ai5f1kk9AyAVwXN2EreiygChL82MI HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGub2njBkcvGvLajXeiGypA&google_cver=1&google_push=AavPq0P9nubESXMDGS8lQQ2iseVJWXTnmxkNOMUutO0XrUH051oT_pEGAyzPZSsgXBotUKZKe3ai5f1kk9AyAVwXN2EreiygChL82MI&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LCgovRt7QFq4ftJDdnUDyA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0P9nubESXMDGS8lQQ2iseVJWXTnmxkNOMUutO0XrUH051oT_pEGAyzPZSsgXBotUKZKe3ai5f1kk9AyAVwXN2EreiygChL82MI
Request Chain 493
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9YmCIm6St2shiz5b1mK2I&google_cver=1&google_push=AavPq0P2cdh5yuRbg34bmwEqWKzEic4xUfIJ46vaEV-m0wDdO9EAlLABxJBmsqSgQS6thbjcxcNOsTezHN1_b2U8q3yzqBnZZr6TB7A HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP9YmCIm6St2shiz5b1mK2I&google_push=AavPq0P2cdh5yuRbg34bmwEqWKzEic4xUfIJ46vaEV-m0wDdO9EAlLABxJBmsqSgQS6thbjcxcNOsTezHN1_b2U8q3yzqBnZZr6TB7A&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9YmCIm6St2shiz5b1mK2I&google_hm=Y86KAv9GIrpLkSQleuCmOAAABI0AAAAB&google_nid=index&google_push=AavPq0P2cdh5yuRbg34bmwEqWKzEic4xUfIJ46vaEV-m0wDdO9EAlLABxJBmsqSgQS6thbjcxcNOsTezHN1_b2U8q3yzqBnZZr6TB7A
Request Chain 494
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL6-8EfR7jOAlLTegAI5UxM&google_cver=1&google_push=AavPq0Ps70Hvx7OCv96rBNZWy80eim9WcfUpwXRgxOyLRcIsXMTt0A4Tlea81oXUTaUbcaLbjSe91DiYVaB8DspJi-Ioc1SP-AlBGNg HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL6-8EfR7jOAlLTegAI5UxM&google_cver=1&google_push=AavPq0Ps70Hvx7OCv96rBNZWy80eim9WcfUpwXRgxOyLRcIsXMTt0A4Tlea81oXUTaUbcaLbjSe91DiYVaB8DspJi-Ioc1SP-AlBGNg&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0Ps70Hvx7OCv96rBNZWy80eim9WcfUpwXRgxOyLRcIsXMTt0A4Tlea81oXUTaUbcaLbjSe91DiYVaB8DspJi-Ioc1SP-AlBGNg&google_hm=GCNirGZHj33VmJ02S3urdZ1g
Request Chain 495
  • https://match.360yield.com/match/ebda?google_gid=CAESENEgNjB04rtFRXUV_cof7po&google_cver=1&google_push=AavPq0P6Mlb88a-DhMBz8a6_Y0mszpgejt9D4S1_DPfxslGVJN5m5quGD9SRCpAxfkXpBQ29Z1tdcwlIVqsM0yLGgkUtZh7A3BJEwQ HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENEgNjB04rtFRXUV_cof7po&google_cver=1&google_push=AavPq0P6Mlb88a-DhMBz8a6_Y0mszpgejt9D4S1_DPfxslGVJN5m5quGD9SRCpAxfkXpBQ29Z1tdcwlIVqsM0yLGgkUtZh7A3BJEwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QoRb9sbrSy2g93GDSpAAVw&google_push=AavPq0P6Mlb88a-DhMBz8a6_Y0mszpgejt9D4S1_DPfxslGVJN5m5quGD9SRCpAxfkXpBQ29Z1tdcwlIVqsM0yLGgkUtZh7A3BJEwQ
Request Chain 500
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIRrRijaV4MWBLrfddO1BDc&google_cver=1&google_push=AavPq0MofgaGV9xvtttPvxmQeoUFbQ4DcCz8PXPA8edksAVie_Le6xeRc-FNqhhi8aS9gKo6V3HXeX7tKHwmNx_XP3esoBIeIwPx-sD6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MTgzNzM5NjE2MzU1NzUxOQ%3D%3D&google_push=AavPq0MofgaGV9xvtttPvxmQeoUFbQ4DcCz8PXPA8edksAVie_Le6xeRc-FNqhhi8aS9gKo6V3HXeX7tKHwmNx_XP3esoBIeIwPx-sD6
Request Chain 501
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDYJ6AC0osp43BZv1bfZ5tc&google_cver=1&google_push=AavPq0PoyCZTymnagK-Svp7IVGQUYVRiyCei1k4e4HxZYE4-Pg5xgGPgkx1AqrPMVf-PhF-Nnft0n-IwpX005P_ePdTnl0jw7nKHVT9C HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDYJ6AC0osp43BZv1bfZ5tc&google_cver=1&google_push=AavPq0PoyCZTymnagK-Svp7IVGQUYVRiyCei1k4e4HxZYE4-Pg5xgGPgkx1AqrPMVf-PhF-Nnft0n-IwpX005P_ePdTnl0jw7nKHVT9C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk2NzA1MzYzNzA2Nzg5NzY0&google_push=AavPq0PoyCZTymnagK-Svp7IVGQUYVRiyCei1k4e4HxZYE4-Pg5xgGPgkx1AqrPMVf-PhF-Nnft0n-IwpX005P_ePdTnl0jw7nKHVT9C
Request Chain 502
  • https://cs.media.net/cksync?type=g&google_gid=CAESEFALKgD_ZwT2FX-UzFPRVAQ&google_cver=1&google_push=AavPq0N6PrCOqfzIfTLZPrIjJ2wqpYEI4u4HEjDa--llVQGdrYcHhs4ipMcgZEGdQt5FqojMLP9Iho-bbYzSKrQf_dN6J73qcNqnvExf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE3NDgxNzMwODM5NzMzMjAwMFYxMA%3d%3d&mn_hm=MzE3NDgxNzMwODM5NzMzMjAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0N6PrCOqfzIfTLZPrIjJ2wqpYEI4u4HEjDa--llVQGdrYcHhs4ipMcgZEGdQt5FqojMLP9Iho-bbYzSKrQf_dN6J73qcNqnvExf&gdpr=&gdpr_consent=
Request Chain 503
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJWTryLBEATBtHi07PNhKPY&google_cver=1&google_push=AavPq0P2LgQ7OKewaAnP2zUVJn9glmP_GCNm2pbs4pgq0DJjrNdTEn3brl5qfWVARxR9sjFgLmUglt3JRNP5Dpsj0HMfLPkhhuGFrjWErg HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEJWTryLBEATBtHi07PNhKPY%26google_cver%3D1%26google_push%3DAavPq0P2LgQ7OKewaAnP2zUVJn9glmP_GCNm2pbs4pgq0DJjrNdTEn3brl5qfWVARxR9sjFgLmUglt3JRNP5Dpsj0HMfLPkhhuGFrjWErg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzEwOTAxNjEzOTU3MTQxMDc5NA%3D%3D&google_gid=CAESEJWTryLBEATBtHi07PNhKPY&google_cver=1&google_push=AavPq0P2LgQ7OKewaAnP2zUVJn9glmP_GCNm2pbs4pgq0DJjrNdTEn3brl5qfWVARxR9sjFgLmUglt3JRNP5Dpsj0HMfLPkhhuGFrjWErg
Request Chain 506
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 513
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDwdeTuRCYWsVjUxmRcxQiQ&google_cver=1&google_push=AavPq0P8md435FSJrfcDNRHIMPlYPwFWMWtjQIcFEsrAhOM9Y6uI-xT0OM83-g7qPPLzijrBpTVgIBBQ8qXDI6ePL-XJi6C_GiNu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=0vNjzooCSACZqMWKR9hDAQ&google_push=AavPq0P8md435FSJrfcDNRHIMPlYPwFWMWtjQIcFEsrAhOM9Y6uI-xT0OM83-g7qPPLzijrBpTVgIBBQ8qXDI6ePL-XJi6C_GiNu
Request Chain 514
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIRrRijaV4MWBLrfddO1BDc&google_cver=1&google_push=AavPq0Pm93xbOuERrJ9tg-PMSKGSYvipfUGFoodh3DHjZOQRGRVWgWc_TWaueca2KG-B6B24Dfp_ZbGx_dmiqMg5iu2SicvOZKdN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MTgzNzM5NjE2MzU1NzUxOQ%3D%3D&google_push=AavPq0Pm93xbOuERrJ9tg-PMSKGSYvipfUGFoodh3DHjZOQRGRVWgWc_TWaueca2KG-B6B24Dfp_ZbGx_dmiqMg5iu2SicvOZKdN
Request Chain 515
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEK58Vko8glCKtlyuNigXpQ&google_cver=1&google_push=AavPq0PUhQx4VdpoydQdcucQaO_oH4atzmamaxxkLfU0UFvTPvb_ZRuDO5mLjLppDmNeUBdslT1faqzx8bHG_U1cVHBMeGIl0Zrb HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEK58Vko8glCKtlyuNigXpQ&google_cver=1&google_push=AavPq0PUhQx4VdpoydQdcucQaO_oH4atzmamaxxkLfU0UFvTPvb_ZRuDO5mLjLppDmNeUBdslT1faqzx8bHG_U1cVHBMeGIl0Zrb HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d7b4f2a8-2e85-4eb0-8d3e-a87295cef1f0&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PUhQx4VdpoydQdcucQaO_oH4atzmamaxxkLfU0UFvTPvb_ZRuDO5mLjLppDmNeUBdslT1faqzx8bHG_U1cVHBMeGIl0Zrb&google_hm=Iepg9eUdStSoYu1nG9MNAw==
Request Chain 516
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJCFISnesXG7XIA2CnAjUaE&google_cver=1&google_push=AavPq0N0XO9PGMvMtKXkZ0QfYiE4Z8QCaJ6Qz5H7ZkeL_v2W299faol-HB87-duI70XpojZdSFnEq4-5yc8_4ah4unxzRtXzqUcbmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0N0XO9PGMvMtKXkZ0QfYiE4Z8QCaJ6Qz5H7ZkeL_v2W299faol-HB87-duI70XpojZdSFnEq4-5yc8_4ah4unxzRtXzqUcbmg&google_hm=eS03Z2xGcmlwRTJwR3BDM1U2QXBEWUwxbTdpT0RhU2tsWX5B
Request Chain 517
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGH0YfByByKnFybtWARXx_U&google_cver=1&google_push=AavPq0MIUC1bYspUnRSVTMGgJs-V8LeJBMCKWbhzNSDZ3ZdNU2XRY_9_YTeKH36Ml1z_5yLsT1thwaCjzZUKSQp_msreMRj3OIq8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MIUC1bYspUnRSVTMGgJs-V8LeJBMCKWbhzNSDZ3ZdNU2XRY_9_YTeKH36Ml1z_5yLsT1thwaCjzZUKSQp_msreMRj3OIq8
Request Chain 518
  • https://match.360yield.com/match/ebda?google_gid=CAESENEgNjB04rtFRXUV_cof7po&google_cver=1&google_push=AavPq0NqUZnm1qV0OFRe7cVwD0QX0_K6OxntcIYBrxb4RM0DOXk0cROzRVkhlBMh9prW-rnJB66fO-HL5ureSdoVL1tDfrKGcMGuwQ HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENEgNjB04rtFRXUV_cof7po&google_cver=1&google_push=AavPq0NqUZnm1qV0OFRe7cVwD0QX0_K6OxntcIYBrxb4RM0DOXk0cROzRVkhlBMh9prW-rnJB66fO-HL5ureSdoVL1tDfrKGcMGuwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QoRb9sbrSy2g93GDSpAAVw&google_push=AavPq0NqUZnm1qV0OFRe7cVwD0QX0_K6OxntcIYBrxb4RM0DOXk0cROzRVkhlBMh9prW-rnJB66fO-HL5ureSdoVL1tDfrKGcMGuwQ

395 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
408 KB
65 KB
Document
General
Full URL
https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache / W3 Total Cache/2.2.9
Resource Hash
0d4c7fd1d5fdd062669013eeee3b1322b8d5582bf1d731ab80a2c062261149b6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=3600, public
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Jan 2023 13:22:03 GMT
ETag
"b9d507ade2ebb5d15c06221f67ccd91c"
Expires
Mon, 23 Jan 2023 14:22:04 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Mon, 23 Jan 2023 13:22:04 GMT
Link
<https://www.myjoyonline.com/wp-json/>; rel="https://api.w.org/", <https://www.myjoyonline.com/wp-json/wp/v2/posts/10032247384>; rel="alternate"; type="application/json", <https://www.myjoyonline.com/?p=10032247384>; rel=shortlink, </wp-content/cache/minify/f402f.js>; rel=preload; as=script, </wp-content/cache/minify/8b1d5.js>; rel=preload; as=script, </wp-content/cache/minify/56d32.js>; rel=preload; as=script, </wp-content/cache/minify/eb8ca.js>; rel=preload; as=script, </wp-content/cache/minify/e816c.js>; rel=preload; as=script, </wp-content/cache/minify/1615d.js>; rel=preload; as=script
Pragma
public
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-Powered-By
W3 Total Cache/2.2.9
f402f.js
www.myjoyonline.com/wp-content/cache/minify/
86 KB
30 KB
Script
General
Full URL
https://www.myjoyonline.com/wp-content/cache/minify/f402f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 13:22:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 10:38:11 GMT
Server
Apache
ETag
"15851-5ee20e29cb14a-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
30677
8b1d5.js
www.myjoyonline.com/wp-content/cache/minify/
2 KB
1 KB
Script
General
Full URL
https://www.myjoyonline.com/wp-content/cache/minify/8b1d5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
eaa653af5e2a278672661f05d1af722339924fc64dc6d314f85a644e1d3e52a1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 13:22:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 10:38:12 GMT
Server
Apache
ETag
"8da-5ee20e2a22fa3-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
750
56d32.js
www.myjoyonline.com/wp-content/cache/minify/
3 KB
2 KB
Script
General
Full URL
https://www.myjoyonline.com/wp-content/cache/minify/56d32.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 13:22:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 10:38:12 GMT
Server
Apache
ETag
"bd7-5ee20e2a06a7b-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1377
eb8ca.js
www.myjoyonline.com/wp-content/cache/minify/
98 KB
30 KB
Script
General
Full URL
https://www.myjoyonline.com/wp-content/cache/minify/eb8ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
8ca8a4feeb61ae9e7c5b6dc7a7918cf9c214c601be52f73231bb20cec8861c00
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 13:22:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 10:38:12 GMT
Server
Apache
ETag
"18804-5ee20e2a24ee4-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
30097
e816c.js
www.myjoyonline.com/wp-content/cache/minify/
198 KB
44 KB
Script
General
Full URL
https://www.myjoyonline.com/wp-content/cache/minify/e816c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
6efad1e6bd5fdd0ba9e23498896aa5b19bee073f1a880b427260e4bac3658b94
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 13:22:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 10:38:12 GMT
Server
Apache
ETag
"319e3-5ee20e2a3c5ea-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
44404
1615d.js
www.myjoyonline.com/wp-content/cache/minify/
6 KB
3 KB
Script
General
Full URL
https://www.myjoyonline.com/wp-content/cache/minify/1615d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 13:22:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 10:38:12 GMT
Server
Apache
ETag
"1883-5ee20e2a2cbe6-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2356
lazyload.min.js
www.myjoyonline.com/wp-content/plugins/w3-total-cache/pub/js/
6 KB
3 KB
Script
General
Full URL
https://www.myjoyonline.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 13:22:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Dec 2022 15:14:19 GMT
Server
Apache
ETag
"1883-5f0945b30dfb4-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2356
wp-emoji-release.min.js
www.myjoyonline.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.myjoyonline.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 13:22:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jul 2022 05:34:25 GMT
Server
Apache
ETag
"48b9-5e2f416caa229-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5009
all.css
use.fontawesome.com/releases/v5.6.3/css/
52 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9X4ZFX43YYHM68XB
age
579738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
8haH9Iu/2zCoDv+mM9+JmYAwP1yiqinNtzUdMc5zUU53IXQmqWixajRc+H1uhEhLn1hc+/3Hfec=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lByX3JkH9S07mvfgVBsBSlHMq0tOeQbln9QxsuQcfadRw6PNqoD9a0DCdDrKs98pg4WNUqkWs5Jshst%2FkuoIMMs26r3CPRTu69bhMYIGXSERe2x1UzMKDO5Kf0y1MrGpanDS7UytS4%2F8elzSA0CgTFfs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
78e0d60a083c9966-FRA
css
fonts.googleapis.com/
1 KB
945 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Work+Sans&ver=6.1.1
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e61b98cfd48dd5fda2b67045ebc64812e2125be27b1b8f699672567ae2d9ed3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 13:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 12:58:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Jan 2023 13:22:04 GMT
js
www.googletagmanager.com/gtag/
110 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-76317721-1
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
114c9b122b1fbf279d80b35358b673fc4e3dceb0b79f4601a12d9f753ffabd99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43984
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Jan 2023 13:22:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5347c4105095bfd7a60d36cebf6326aa7be3c361650fb65db295b6062389ba7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27707
x-xss-protection
0
server
sffe
etag
"1460 / 773 of 1000 / last-modified: 1674475854"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 23 Jan 2023 13:22:04 GMT
js
www.googletagmanager.com/gtag/
217 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VVPMTF49Z0
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1adf2bf874479961970a4306772735d4d8251a02ddda3fd01f952c703ea1273a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77660
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Jan 2023 13:22:04 GMT
chartbeat_mab.js
static.chartbeat.com/js/
23 KB
10 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:dc00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 01:13:29 GMT
content-encoding
gzip
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
43715
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
VLFxDb3xnKLWOl6dcODKhBNhnl3UATdNT7m6uItwG7V9W2jostlwLw==
expires
Tue, 24 Jan 2023 01:13:29 GMT
index.js
tags.remixd.com/player/v5/
34 KB
10 KB
Script
General
Full URL
https://tags.remixd.com/player/v5/index.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-115.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:21:39 GMT
content-encoding
gzip
via
1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Jun 2022 15:31:59 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
35
etag
"57b6f8ad4125903b7e06bb427c232d10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=1800
accept-ranges
bytes
content-length
10041
x-amz-cf-id
fjTaqH91e99t-olmWPQ8C_nLbWEhJfDEG5Edqap-TteozUv1sqhKzA==
outbrain.js
widgets.outbrain.com/
250 KB
86 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.48.1.62 Warsaw, Poland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-1-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a6b14f19ff1b6305699bc9e066c2b354a7b4c9c538098baa40bbd27075c1a4f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 11:46:56 GMT
etag
"16-m4O/ZEhlQ0nCaI79qp0WE5/Bt7c"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
3ae707de2665e39fbcc96573dab54297
timing-allow-origin
*, *
content-length
87827
apstag.js
c.amazon-adsystem.com/aax2/
179 KB
45 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-105-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:09:07 GMT
content-encoding
gzip
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 20:39:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA60-P1
age
778
etag
W/"09722bdf068e1f62e3d9a9e39a8dde87"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
NrYJqBrwpGmd_FlKFcOEAPXMccWgKqCyWHI2RWneL8eQ2wgPImYd0Q==
chartbeat.js
static.chartbeat.com/js/
37 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:dc00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 02:57:12 GMT
content-encoding
gzip
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
37492
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
KeilVqfX8mwTrs6mEhsFRlGpS4lCf-htfBy9K5qdSzCPXX2jducTow==
expires
Tue, 24 Jan 2023 02:57:12 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeb399f1789ed52132e5a180555cc0e24bf966b03cd0e97792bae7c637e4e229

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v18/
17 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans&ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c46b18a1ccba221be436881e1649ef1bfd1e656184fcd535e84bc77c77e8e5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 20:11:18 GMT
x-content-type-options
nosniff
age
493846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17912
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 20:11:18 GMT
popular-posts
www.myjoyonline.com/wp-json/wordpress-popular-posts/v1/
55 B
1 KB
XHR
General
Full URL
https://www.myjoyonline.com/wp-json/wordpress-popular-posts/v1/popular-posts
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/wp-content/cache/minify/56d32.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache / PHP/7.3.13
Resource Hash
6713389ea14cc05e4e8cb02088d80e6eca8bf94c9528b5e43fe3bd5011b5df4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

X-WP-Nonce
8a691aba40
Date
Mon, 23 Jan 2023 13:22:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.3.13
Connection
Keep-Alive
Content-Length
75
Server
Apache
Allow
GET, POST
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.myjoyonline.com
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages, Link
Vary
Origin,Accept-Encoding
Access-Control-Allow-Credentials
true
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=99
Link
<https://www.myjoyonline.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5390e9facc0ddb3ebb2236c1c797ba47be28e4173b948f172d133e4f8ce5748e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
018326e7d55a2b60f35e0bcf4b00708cf66e6f25bc4fba2ac37c444b518f7286

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/
15 KB
15 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
N75BZK0Y1BBW8WE3
age
19635
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14872
x-amz-id-2
HWbE4Q/2jzymfkZIpMSm/eiMIcY5DNqWjGzNuoq6zOlnbqk7Qa/73TkEzbPavyMa+j7JwISGjDU=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"4b218302f9057d02864d4909661831e9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sF0m2q5SOjPp6mvu8SfupXbQzM512JUYtcNWvYsuzPbl1EPaDelYEuFf12YPxoNWhdc5RcoTuvTMHJxV7ZAHF0jnkdTSIFQ9bYRRiqyKRCoV%2FuIMgF1AIb7uG2I6Iay4k2DK07S%2FZN%2Fmjz93LUkDWEV9"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
78e0d60aca142bf1-FRA
fa-brands-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/
73 KB
73 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
X3HPMKRQHQWF4GXC
age
18390
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74288
x-amz-id-2
dbI++Pp1xa1CbshqwsxHvd+Q8/oidArOKdo96DdOW6DCmvoQC0845mfEKPA7wPDkXx6eCKhf1/c=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"eac60e8a656781e13d2a674b4d9051c0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZRdre2%2FMwduH3l63QjAce00%2BsNjpuBUyoWaAiLlLa2FKrXNezTBQA5L68qNqAQQS7qps5gQey3riQQshk5C2YoPy5y0W3DyD3YHXjQ47OBHjTNlysxM442uiH64%2BABfjsL5Og%2BmyBv%2BwVqX4YTZeyPu"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
78e0d60aca152bf1-FRA
fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/
77 KB
78 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css?ver=6.1.1
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
N7599YCGH7T9W14Z
age
19635
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79100
x-amz-id-2
tqYYkN3SX1LPycI+yGgTulhbeAxrzolN2nGUyppFqV6xwLaqw9H7L1R1GSmnvWxk7pl/yqDK134=
last-modified
Wed, 30 Jun 2021 15:44:54 GMT
server
cloudflare
etag
"5dc01cfcd5336f696cb85da7ce53fa9b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxQUAm8D7gtjZ3bhBI58DFPzdnUN5UnZzXXiQeMWiHkouAUnVMa1GXaQ81eRhNwn7EopApXl%2FBCIwE%2FWLJAkQHfe5fwwXV7TIlGHxAwKwccG7Zz6sLdPhMNb6oHqZ8wNde6p%2FCJYcv5LcDADwaK4GDtW"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
78e0d60aca172bf1-FRA
platform.js
cdn.vuukle.com/
199 KB
54 KB
Script
General
Full URL
https://cdn.vuukle.com/platform.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f7d41310435064aa15d0620251c2a473a016576e68136531c0a7e959b621bf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
content-encoding
br
cf-cache-status
HIT
age
9372
cf-polished
origSize=203470
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 20 Jan 2023 10:44:19 GMT
server
cloudflare
etag
W/"63ca7083-31ace"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
cf-ray
78e0d60b08ee9a3b-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
cropped-joychristmas.png
www.myjoyonline.com/wp-content/uploads/2022/12/
27 KB
27 KB
Image
General
Full URL
https://www.myjoyonline.com/wp-content/uploads/2022/12/cropped-joychristmas.png
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
8e8add0c0316a42e776f9ceb5d9b6af087ae2e99f8474d45456e44aaff268597
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 13:22:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Dec 2022 03:58:26 GMT
Server
Apache
ETag
"6ab6-5f08aea08373c-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
27341
US-Attorney-Breon-Peace-754x424.jpg
www.myjoyonline.com/wp-content/uploads/2023/01/
199 KB
199 KB
Image
General
Full URL
https://www.myjoyonline.com/wp-content/uploads/2023/01/US-Attorney-Breon-Peace-754x424.jpg
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.196.130.246 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
246.130.196.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
9bfe7ab04384a675f2c6e493fb40e3b6ad557b20ec30b5738db4f52c2dd89665
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 13:22:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Jan 2023 09:01:25 GMT
Server
Apache
ETag
"31ae8-5f2ae4b4c8a2c-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/jpeg
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
config
c.amazon-adsystem.com/cdn/prod/
386 B
738 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.myjoyonline.com&pubid=33ad62c7-3412-4428-a63e-5fe3c8ffc47f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-105-95.fra60.r.cloudfront.net
Software
Server /
Resource Hash
c515abea3632e11f7febff0522cfc2632cbbe1d4aacc03a455571ee6d6e68e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:07:05 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
age
15298
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.myjoyonline.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
386
x-amz-cf-id
ROl64XBu5k8mmls0_wlDFZATX0GWKvjgkbNTTe0u3yHYRCynH_m5jA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.105.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-105-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
date
Mon, 23 Jan 2023 02:07:05 GMT
x-amz-cf-pop
FRA60-P1
age
40500
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Zxh8oV7dj9hwgDULLxP_2a4EJXVRTD0DAoGSHksnXsyuw7U4qL6pRw==
id5-api.js
cdn.id5-sync.com/api/1.0/
57 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 18 Jan 2023 10:47:57 GMT
server
cloudflare
x-amz-request-id
3K8ZKSB9E6X90NSS
age
1438
etag
W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
78e0d60b8edd90d7-FRA
x-amz-id-2
9v1FoIXL/newQeKKbNI8K9PqtMFnswBEe/q6cvizEQQtF6vioOjQSFy4vvzTEwlVdI0LlazlCeY=
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=myjoyonline.com&p=%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&u=CF12pLCEKLuJCVG2ab&d=myjoyonline.com&g=65720&g0=%22Business%22&g1=Prince%20Adu-Owusu&n=1&f=00001&c=0&x=0&m=0&y=4674&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&b=1494&t=B-8gwYhR8qsDIx3hgDQH55DBHaRhZ&V=139&i=Crypto%20founder%20charged%20with%20%24700m%20financial%20crimes%20-%20MyJoyOnline.com&tz=0&sn=1&sv=CDqPGbCBKBbEPFQ0B4HjwpCm75fs&sd=1&im=067b2fff&_
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.195.176.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-176-242.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 23 Jan 2023 13:22:05 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/
212 B
519 B
XHR
General
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=myjoyonline.com&domain=myjoyonline.com&path=%2Fcrypto-founder-charged-with-700m-financial-crimes%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2fc0cea6c16f357f8746d85bedf59c0929f559a2224af3739d9b38641c00dfff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 23 Jan 2023 13:22:04 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
161
x-served-by
cache-hhn-etou8220075-HHN
x-timer
S1674480125.770090,VS0,VE96
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 21 Jan 2023 13:22:04 GMT
myjoyonline.com
pubcast-files.remixd.com/player-configs/
8 KB
9 KB
Fetch
General
Full URL
https://pubcast-files.remixd.com/player-configs/myjoyonline.com
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
addec199fcf7a538b4b38ab5464ee3c8f69c0af9bbd0485943029382338ace12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 12:44:12 GMT
age
2272
x-guploader-uploadid
ADPycdtrJ_pOqgr2kuxHKZTrQx9XjGSD1s9TYIlfryu1f2ZebE3Iz-jT8RfhLo01iXJKk3zFmD1JNuPK5HQZ-5ZiC7kiKx2bFrOc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8372
last-modified
Mon, 31 Oct 2022 16:21:25 GMT
server
UploadServer
etag
"77488f0b6883032e1cd73f40b8eaef2c"
x-goog-generation
1667233285626577
x-goog-hash
crc32c=T0O1Ig==, md5=d0iPC2iDAy4c1z9AuOrvLA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-meta-cache-control
public, no-cache, must-revalidate
x-goog-stored-content-length
8372
accept-ranges
bytes
content-type
application/json
expires
Mon, 23 Jan 2023 13:44:12 GMT
getGeo
vuukle.com/
90 B
323 B
XHR
General
Full URL
https://vuukle.com/getGeo
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cf-ray
78e0d60beedd904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loadVuukle
api.vuukle.com/api/v1/Comments/
2 KB
1 KB
XHR
General
Full URL
https://api.vuukle.com/api/v1/Comments/loadVuukle?apiKey=255be353-1ccf-4eea-af0c-86d618375550&articleId=10032247384&globalRecommendation=false&host=myjoyonline.com&start=0&uri=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
442f149347e0cc694a8fa36e3627b1dbd3ecfb37896331001280d4bed933da82
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
via
1.1 varnish (Varnish/6.2)
content-encoding
br
cf-cache-status
DYNAMIC
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
x-varnish
309015640
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-store,no-cache
access-control-allow-credentials
true
access-control-allow-credentiails
true
cf-ray
78e0d60bfc262c2b-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid3.js
cdn.vuukle.com/static/
474 KB
142 KB
Script
General
Full URL
https://cdn.vuukle.com/static/prebid3.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aae6af796749b4e50dfb211439d3bad2c858ac0e744908cbf969d0281f6c6a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
content-encoding
br
cf-cache-status
HIT
age
879401
cf-polished
origSize=634326
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 13 Jan 2023 07:55:15 GMT
server
cloudflare
etag
W/"63c10e63-9add6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=3600
cf-ray
78e0d60c1ace9a3b-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
myjoyonline.com.json
cdn.vuukle.com/ads/
26 KB
2 KB
XHR
General
Full URL
https://cdn.vuukle.com/ads/myjoyonline.com.json
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb9344bf86f85a31d606c8c79ea79eadc775287a9f104756c48833b0b7b10b7

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 23 Jan 2023 10:04:35 GMT
server
cloudflare
etag
W/"63ce5bb3-679c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
78e0d60c3bb0bb9d-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/
0
27 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27760
x-xss-protection
0
server
sffe
etag
"1460 / 568 of 1000 / last-modified: 1674475854"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 23 Jan 2023 13:22:04 GMT
sharebar.html
cdn.vuukle.com/widgets/ Frame 6A91
211 KB
77 KB
Document
General
Full URL
https://cdn.vuukle.com/widgets/sharebar.html?version=2.17.9
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2b39fd81d9e5dfa7cd19122d29aae241c7dbab8e178b7e87640d27557085d1

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
age
452638
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=10800
cf-cache-status
HIT
cf-ray
78e0d60c4d659bf2-FRA
content-encoding
br
content-type
text/html
date
Mon, 23 Jan 2023 13:22:04 GMT
last-modified
Wed, 18 Jan 2023 07:34:57 GMT
server
cloudflare
vary
Accept-Encoding
cnsnt.platform.js
cdn.vuukle.com/
4 KB
2 KB
Script
General
Full URL
https://cdn.vuukle.com/cnsnt.platform.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee54185d227b97546b9516a4930f7e72a810488ab8bf9c9ba7f897a782bd0437

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:04 GMT
content-encoding
br
cf-cache-status
HIT
age
1421
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 20 Jan 2023 10:44:27 GMT
server
cloudflare
etag
W/"63ca708b-f2c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=7200
cf-ray
78e0d60c6dad9bf2-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
bq-publish
publish.vuukle.com/
29 B
351 B
XHR
General
Full URL
https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22view_page%22,%22hashed_email%22:%22$46ae1a-6409-45ef-b52c-294c6f796370%22,%22hostname%22:%22255be353-1ccf-4eea-af0c-86d618375550%22,%22pubdomain%22:%22myjoyonline.com%22,%22refDomain%22:%22%22,%22sessionId%22:%2285a61fda-7bb0-4fd3-bb2a-02d403581e5c%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22Crypto%20founder%20charged%20with%20$700m%20financial%20crimes%20-%20MyJoyOnline.com%22,%22article_id%22:%2210032247384%22,%22hashed_article_url%22:%22myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F%22,%22referrer%22:%22aduowusup9@gmail.com%22,%22tags%22:%22Technology%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22}&_=1489139930741
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97fd90ef746f6ef3dd8fca95e7876067f0886e31fa657470635fdeb136845ee1
Security Headers
Name Value
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-allow-credentials
true
cf-ray
78e0d60cb83e904e-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
pubads_impl_2023011901.js
securepubads.g.doubleclick.net/gpt/
385 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
506232725b472834278e60634b4137a0358256051a6fb7f6f03582964e756de9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133253
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 09:34:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Jan 2024 13:19:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
323 B
165 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.myjoyonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
417243696703ca6611fd5dd126cb363fec95fd2246247d44cba683d956f9ba67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
140
x-xss-protection
0
expires
Mon, 23 Jan 2023 13:22:05 GMT
d3d3Lm15am95b25saW5lLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/
15 B
462 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3Lm15am95b25saW5lLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 13:22:05 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=35000
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
32ad9247141f24d3c711cdd1d15e3321
Content-Length
15
Expires
Mon, 23 Jan 2023 23:05:25 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
341 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.48.1.62 Warsaw, Poland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-1-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Wed, 22 Feb 2023 13:22:05 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-76317721-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 23 Jan 2023 12:21:46 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3619
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Mon, 23 Jan 2023 14:21:46 GMT
collect
region1.google-analytics.com/g/
0
341 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VVPMTF49Z0&gtm=2oe1i0&_p=775647698&cid=947933348.1674480125&ul=en-us&sr=1600x1200&_s=1&sid=1674480124&sct=1&seg=0&dl=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&dt=Crypto%20founder%20charged%20with%20%24700m%20financial%20crimes%20-%20MyJoyOnline.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VVPMTF49Z0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
standard-player.html
tags.remixd.com/player/v5/players/
129 KB
30 KB
Fetch
General
Full URL
https://tags.remixd.com/player/v5/players/standard-player.html
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-115.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f5d73c848836745a93ff7aa540a8f83f9899e3668628f42e9ba0cc6ef5e0b32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:21:10 GMT
content-encoding
gzip
via
1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
56
x-cache
Hit from cloudfront
content-length
29730
last-modified
Tue, 21 Jun 2022 15:31:59 GMT
server
AmazonS3
etag
"9a2e807a291cbaccaab15c40f0629813"
access-control-max-age
60
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
cache-control
public,max-age=1800
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
u3hTfyXJ7FWz3KFyZ57AHdrzHFY47N1fLj4iotzUs7a1GeUYvFA2uA==
v1
lb.eu-1-id5-sync.com/lb/
33 B
406 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
8c082bece010e3d7fb4120f165a47bb64f589a22abcef2935485c58eb544f246
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.myjoyonline.com
date
Mon, 23 Jan 2023 13:22:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/
54 B
234 B
XHR
General
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
933ecb1b27c4bc8c1890e2b98a1543407a563e72e4bb02d1a6602bf6f194e4aa

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.myjoyonline.com
date
Mon, 23 Jan 2023 13:22:05 GMT
content-length
54
vary
Origin
content-type
application/json
myjoyonline.com.json
cdn.vuukle.com/ads/
26 KB
2 KB
Fetch
General
Full URL
https://cdn.vuukle.com/ads/myjoyonline.com.json
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb9344bf86f85a31d606c8c79ea79eadc775287a9f104756c48833b0b7b10b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 23 Jan 2023 10:04:35 GMT
server
cloudflare
etag
W/"63ce5bb3-679c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
78e0d60e8925bb9d-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
placement_invocation
rock.defybrick.com/
48 KB
18 KB
Script
General
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4600:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 09:10:03 GMT
content-encoding
gzip
via
1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
FRA56-P4
age
15122
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
18460
x-amz-cf-id
e9U6cq-mfAHbpSpDRQNyv7nuOrMaPK3g3PHK7D1uAc3zjyUPCCTZ0Q==
expires
Mon, 23 Jan 2023 21:10:03 GMT
1065.json
id5-sync.com/g/v2/
216 B
629 B
XHR
General
Full URL
https://id5-sync.com/g/v2/1065.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
859a5565dd1dafd059d03416d2baf3ba77e068daa6eb4d6bae555d389c8a36bd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.myjoyonline.com
date
Mon, 23 Jan 2023 13:22:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/
23 B
466 B
XHR
General
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&pid=jgWCSHxknjdZH&cb=0&ws=1600x1200&v=23.112.1442&t=2000&slots=%5B%7B%22sd%22%3A%22mjo-article-leaderboard_top%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-leaderboard_top%22%7D%2C%7B%22sd%22%3A%22mjo-article-right_rectangle_top%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-right_rectangle_top%22%7D%2C%7B%22sd%22%3A%22mjo-article-right_rectangle_top1%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-right_rectangle_top1%22%7D%2C%7B%22sd%22%3A%22mjo-article-right_rectangle_top2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-right_rectangle_top2%22%7D%2C%7B%22sd%22%3A%22mjo-article-left_rectangle_mid%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-left_rectangle_mid%22%7D%2C%7B%22sd%22%3A%22mjo-article-right_rectangle_mid%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-right_rectangle_mid%22%7D%2C%7B%22sd%22%3A%22mjo-article-right_rectangle_mid1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-right_rectangle_mid1%22%7D%2C%7B%22sd%22%3A%22mjo-article-right_rectangle_mid2%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-right_rectangle_mid2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1584539723739-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-fluid%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1635764376135-0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fseedtag_myjoyonline_oop%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1649009341342-0%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-1x1%22%7D%2C%7B%22sd%22%3A%22in-article%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-left_rectangle_mid1%22%7D%2C%7B%22sd%22%3A%22in-article1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-left_rectangle_mid1%22%7D%2C%7B%22sd%22%3A%22in-article2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1002554%2FMyjoyonline%2Fmjo-article-left_rectangle_mid1%22%7D%5D&pj=%7B%22adRefresh%22%3A%221%22%7D&schain=1.0%2C1!atunwadigital.com%2C1000000010%2C1%2C%2CAtunwa%2520Digital%2520LLC%2Catunwadigital.com&pubid=33ad62c7-3412-4428-a63e-5fe3c8ffc47f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
DTB3V1CK556JAN73WA04
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
WvSlRSEhyGY26tlZC3C5JXfH2vfZBuuQEQ8sVpMO4yJ9R5G08ILl4w==
1002554
fundingchoicesmessages.google.com/i/
122 KB
42 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/1002554?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6428478a8cb8f9ac67a4dfad6358b39d3e6803467bb4fe2c0006cc3e55d8455c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pyvyRa8tjKkdXniQ3dYvNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-pyvyRa8tjKkdXniQ3dYvNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
FUtg69tL.js
cdn.jwplayer.com/libraries/ Frame 402C
119 KB
42 KB
Script
General
Full URL
https://cdn.jwplayer.com/libraries/FUtg69tL.js
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:d200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
6085e820b16a7d47586e305352bad56a4597d073ecf6ea2961c093ca3cb63fd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:03 GMT
content-encoding
gzip
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P1
age
2
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
42414
x-amz-cf-id
XtXFOblqu5sYA6X1H_7_iAibu8c4pH9266MOXgUk3h6_O_kIfJQvBw==
collect
www.google-analytics.com/j/
2 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=775647698&t=pageview&_s=1&dl=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ul=en-us&de=UTF-8&dt=Crypto%20founder%20charged%20with%20%24700m%20financial%20crimes%20-%20MyJoyOnline.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=856134104&gjid=2118457322&cid=947933348.1674480125&tid=UA-76317721-1&_gid=944302810.1674480125&_r=1&_slc=1&gtm=2ou1i0&z=1153263683
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_pla
flint.defybrick.com/
3 KB
2 KB
Script
General
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=64712127865517511180005117269876942516499880206302212902105574917108&nc=0&tsf=0&tsfmi=&pv=0&cb=1674480125458&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=981103988&at=&bid=e30%3D&di=W1siZWYiLDQ1Ml0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsMlwiLFwidlwiOlwiaW50ZWwgaW5jLlwi%0D%0ALFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wg%0D%0AZXMgMy4wMCAob3BlbmdsIGVzIGdsc2wgZXMgMy4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2Vi%0D%0AZ2wgMi4wIChvcGVuZ2wgZXMgMy4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJi%0D%0AZW5cIjo3LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MTA1MTY5%0D%0ANDA4OSxcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkg%0D%0Ae1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAg%0D%0AICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAg%0D%0AICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAg%0D%0AICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxl%0D%0AOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9%0D%0AKVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9%0D%0AXSJdLFstMSwiLSJdLFstMiwiNyxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpM%0D%0AODZMMjNBQ0dVaEJJd0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3%0D%0AMHV4cUZ4Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFl%0D%0Ab2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxb%0D%0ALTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0x%0D%0AMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpk%0D%0AZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiXX0i%0D%0AXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowLjAwODA2NDUxNjEyOTAzMjI1%0D%0AOH0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5%0D%0ALCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIw%0D%0AMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI5NDc5MzMzNDguMTY3NDQ4%0D%0AMDEyNSJdLFstMjEsIjgwdU9wek5SIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxb%0D%0ALTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MjMxMDAwMDAsXCJ1amhzXCI6MTgy%0D%0AMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjcsMCxcIjRnXCIsbnVsbF0i%0D%0AXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIs%0D%0AMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIt%0D%0AIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY3NDQ4MDEyNTQyOSwwXSJdLFstMzYsIltc%0D%0AIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwxLDAs%0D%0AMSwwLDgzLDIyMSw5MTEsMjAzLDAsMTM4MywxMzgzLDIyMTksMjIxOSJdLFstMzksIltcIjIwMDMw%0D%0AMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVl%0D%0ALDgsZmFsc2UsbnVsbCwzXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMi%0D%0AXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1%0D%0ALCItIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFst%0D%0ANDgsIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDY0XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A282%2C%22y%22%3A4349%2C%22w%22%3A680%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=LZu8WG0UCh&sdd=%7B%7D&pto=2248
Requested by
Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
2f7f82329b522fa8cf2c5d82870970abd10cbc80097a5083d8e523a1d2d6b6f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Mon, 23 Jan 2023 13:22:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1550
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 402C
3 KB
588 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5941bbcfc82fe73f86b9ae9564a319e9b39ece69f05473f767b85df011a208d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 13:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 13:11:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Jan 2023 13:22:05 GMT
ping.gif
player-files.remixd.com/ Frame 402C
43 B
582 B
Image
General
Full URL
https://player-files.remixd.com/ping.gif?action=playerImpression&userId=null&referrerUrl=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&domain=myjoyonline.com&adDuration=&inViewDuration=&sessionDuration=1&sessionId=19073f48-f6ea-4de6-859b-56a1d992bc30&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
x-guploader-uploadid
ADPycdvFLqlOt1lQLj3JWKiMlYTpEgilmkoKjc_DrCSVHmb4TuYDciMcK3In4ZKkxK-iJ89d7_u2OhP9Nyl4gjVpC_28hg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Tue, 23 Jan 2024 13:22:05 GMT
ping.gif
player-files.remixd.com/ Frame 402C
43 B
192 B
Image
General
Full URL
https://player-files.remixd.com/ping.gif?action=loading&userId=null&referrerUrl=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&domain=myjoyonline.com&adDuration=&inViewDuration=&sessionDuration=2&sessionId=19073f48-f6ea-4de6-859b-56a1d992bc30&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
x-guploader-uploadid
ADPycdvY4g6BRTSF8UoM0VBDSb8QFFXU8AMU1Zwu5fOZ0So7kQD7O9B-fVDh566KX080ESbnbVrI66cl4B7Vz0dZQ4l7Ig
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Tue, 23 Jan 2024 13:22:05 GMT
ping.gif
player-files.remixd.com/ Frame 402C
43 B
198 B
Image
General
Full URL
https://player-files.remixd.com/ping.gif?action=loaded&userId=null&referrerUrl=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&domain=myjoyonline.com&adDuration=&inViewDuration=&sessionDuration=3&sessionId=19073f48-f6ea-4de6-859b-56a1d992bc30&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
x-guploader-uploadid
ADPycdvJ000wyIqXJH9aQEs2eT33tw_9vKO-cWAbMHCzFX4HVN-eS7gH-wL0vG3yTnXSLWe4uXPSq6VWJgvOLjeZn16DSoND2s-Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Tue, 23 Jan 2024 13:22:05 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=775647698&t=event&_s=2&dl=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ul=en-us&de=UTF-8&dt=Crypto%20founder%20charged%20with%20%24700m%20financial%20crimes%20-%20MyJoyOnline.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Audio%20Article&ea=audio_article_loaded&el=Audio%20Article%20Player&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=947933348.1674480125&tid=UA-76317721-1&_gid=944302810.1674480125&gtm=2ou1i0&z=70291332
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 02:07:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40466
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
config.js
cdn.confiant-integrations.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/
122 KB
26 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/config.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19010c36352a100187dbd35498557c5bd23404d659bf471d2baa1f4f6d6c8e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jan 2023 12:50:43 GMT
server
cloudflare
x-amz-request-id
17DB97SPW5HSMM5K
age
776
etag
W/"7cc28ee443a78b485661070cae5f8b67"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
78e0d610a90f2bc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
+XBmTtP1sWzVcysTB1xyQwboq5hNHhHSDhqKW4XiWvBbDH0Y41lYm85ufy1lawXq3rAvOUrFtWA=
/
id.a-mx.com/sync/
102 B
625 B
XHR
General
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/&v=7.28.0&vg=vuuklehb&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e03a20d6832e6408f2a260d8ab5d3621d9ea64252e3a27cfe451be34064d23c

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdmEheKBN7yE7obRB9dTLwtQvaSUYo0yEOB%2FbhcIvlpDPtW%2B0quSIka%2Fp70%2F0tI3oai4aUWfpa%2BOBRt6OeQSmGGrQkxiOni9GzCpf3qnwqsLg2EjrbNeyVTsrFFEd%2BWehD93CcpWBh832A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-type
application/json
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
78e0d610dd5d917a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 402C
20 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 23:51:41 GMT
x-content-type-options
nosniff
age
307824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20960
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 23:51:41 GMT
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 402C
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 22:12:41 GMT
x-content-type-options
nosniff
age
486564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21144
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:43:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:12:41 GMT
AGSKWxWcDh9EnYFydvXsdhvX046Wsgw1d9oXLT0HvL1QCofQ1kwqhqI0s1X79evh1jxBb9jcN7TZvXyfZOQ4SY1C8GU=
fundingchoicesmessages.google.com/f/
13 KB
7 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWcDh9EnYFydvXsdhvX046Wsgw1d9oXLT0HvL1QCofQ1kwqhqI0s1X79evh1jxBb9jcN7TZvXyfZOQ4SY1C8GU=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc0NDgwMTI1LDU5MzAwMDAwMF0sIjhCNUNBQjNGLUREM0EtNDE3RS04NDg2LTQ0ODQzMzQ2MDExQyIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly93d3cubXlqb3lvbmxpbmUuY29tL2NyeXB0by1mb3VuZGVyLWNoYXJnZWQtd2l0aC03MDBtLWZpbmFuY2lhbC1jcmltZXMvIixudWxsLFtbOCwiVlFacE9OTkthNXMiXSxbOSwiZGUiXSxbMTYsIlt0cnVlLHRydWUsdHJ1ZV0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a412e9de773da78d40a223d25335fba0715c57771f69443827c9e7011db91bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rxaoUQ9cB0vkpgBB4QFTbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-rxaoUQ9cB0vkpgBB4QFTbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
116 KB
42 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2602712114810887&correlator=672848942894160&eid=31071524%2C31071681%2C31071770%2C31071578&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fifs&iu_parts=22191989129%3A1002554%2CMGL%2Cmgl_atunwa_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=41891436&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1674480125640&lmt=1674480124&dlt=1674480124212&idt=1043&adxs=1005&adys=920&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&frm=20&vis=1&psz=355x1428&msz=325x0&fws=4&ohw=1600&ga_vid=947933348.1674480125&ga_sid=1674480126&ga_hid=775647698&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18c1cddb939e020253a96a4d082306be234da29c5068e7401ccd2b1607bce548
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLXRzcjk3fwCFdZIHQkdHKgH4g&gqi=&layout=/sadbundle/%24csp%253Der3%24/11699188833985797144/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLXRzcjk3fwCFdZIHQkdHKgH4g&gqi=&layout=/sadbundle/%24csp%253Der3%24/11699188833985797144/index.html
date
Mon, 23 Jan 2023 13:22:06 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43068
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C303
6 KB
3 KB
Document
General
Full URL
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:05 GMT
expires
Tue, 23 Jan 2024 13:22:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
930 KB
124 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2602712114810887&correlator=672848942894160&eid=31071524%2C31071681%2C31071770%2C31071578&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fifs&iu_parts=1002554%2CMyjoyonline%2Cmjo-article-leaderboard_top%2Cmjo-article-right_rectangle_top%2Cmjo-article-right_rectangle_top1%2Cmjo-article-right_rectangle_top2%2Cmjo-article-left_rectangle_mid%2Cmjo-article-right_rectangle_mid%2Cmjo-article-right_rectangle_mid1%2Cmjo-article-right_rectangle_mid2%2Cmjo-article-fluid%2Cseedtag_myjoyonline_oop%2Cmjo-article-1x1%2Cmjo-article-left_rectangle_mid1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13%2C%2F0%2F1%2F13%2C%2F0%2F1%2F13&prev_iu_szs=970x250%7C970x90%2C300x250%2C300x600%2C300x250%2C300x250%2C300x600%2C300x250%2C300x600%2C320x50%7C300x250%7C336x280%7C1x1%2C1x1%2C1x1%2C300x250%2C300x250%2C300x250&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0&ifi=2&adks=217630568%2C841315098%2C3967851544%2C2457191795%2C1507287477%2C3023427354%2C4171557308%2C885957586%2C1691924742%2C3033927387%2C1491190864%2C3122488463%2C2284752827%2C2284752826&sfv=1-0-40&ists=16&prev_scp=fold%3Datf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fcrypto-founder-charged-with-700m-financial-crimes%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Datf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fcrypto-founder-charged-with-700m-financial-crimes%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Datf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fcrypto-founder-charged-with-700m-financial-crimes%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Datf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fcrypto-founder-charged-with-700m-financial-crimes%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Datf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fcrypto-founder-charged-with-700m-financial-crimes%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Dbtf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fcrypto-founder-charged-with-700m-financial-crimes%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Dbtf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fcrypto-founder-charged-with-700m-financial-crimes%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Dbtf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fcrypto-founder-charged-with-700m-financial-crimes%252F%26amznbid%3D2%26amznp%3D2%7Cfold%3Dbtf%26refresh%3Dtrue%26page%3Darticle%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fcrypto-founder-charged-with-700m-financial-crimes%252F%26amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Cpage%3Darticle%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpage%3Darticle%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpage%3Darticle%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1674480125673&lmt=1674480124&dlt=1674480124212&idt=1043&adxs=315%2C1005%2C1005%2C1005%2C283%2C1005%2C1005%2C1005%2C473%2C0%2C298%2C473%2C473%2C473&adys=80%2C646%2C944%2C2075%2C1182%2C2340%2C3863%2C4128%2C3956%2C4942%2C3956%2C1583%2C2238%2C2762&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&frm=20&vis=1&psz=1600x250%7C355x1428%7C355x1428%7C325x250%7C680x1995%7C325x250%7C325x250%7C325x250%7C680x1%7C1600x4941%7C680x1%7C680x1995%7C680x1995%7C680x1995&msz=1600x250%7C325x250%7C325x250%7C325x250%7C300x0%7C325x250%7C325x250%7C325x250%7C650x0%7C1600x0%7C650x0%7C680x250%7C680x250%7C680x250&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C680%2C1600%2C680%2C680%2C680%2C680&ga_vid=947933348.1674480125&ga_sid=1674480126&ga_hid=775647698&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b61872e07305758cb7bf21357aeaab35780b822cae04234b45d04ee6e2e4ae9
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKKW0sjk3fwCFV5GHQkdmeYMvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11082872204613916311/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ-W0sjk3fwCFV5GHQkdmeYMvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11699188833985797144/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKOW0sjk3fwCFV5GHQkdmeYMvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10271607261087679227/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ2W0sjk3fwCFV5GHQkdmeYMvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11082872204613916311/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ6W0sjk3fwCFV5GHQkdmeYMvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/4032645762797114999/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKCW0sjk3fwCFV5GHQkdmeYMvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/18332568827419972199/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKKW0sjk3fwCFV5GHQkdmeYMvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11082872204613916311/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ-W0sjk3fwCFV5GHQkdmeYMvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11699188833985797144/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKOW0sjk3fwCFV5GHQkdmeYMvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/10271607261087679227/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ2W0sjk3fwCFV5GHQkdmeYMvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11082872204613916311/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ6W0sjk3fwCFV5GHQkdmeYMvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/4032645762797114999/index.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKCW0sjk3fwCFV5GHQkdmeYMvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/18332568827419972199/index.html
date
Mon, 23 Jan 2023 13:22:06 GMT
x-content-type-options
nosniff
content-encoding
br
google-mediationgroup-id
-2,-2,340929,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126503
x-xss-protection
0
google-lineitem-id
6175175416,6175175416,-1,-1,-1,-1,-1,-1,-1,-2,-2,5408961803,5408961803,5408961803
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138416545192,138415682436,-1,-1,-1,-1,-1,-1,-1,-2,-2,138365038434,138346473324,138346439009
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
63 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2602712114810887&correlator=3578210338927976&eid=31071524%2C31071681%2C31071770%2C31071578&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fifs&npa=1&iu_parts=213794966%3A1002554%2Cvuukle-widget%2Cmyjoyonline.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C272x391%7C272x360%7C300x250%7C300x50%7C312x260%7C320x50%7C320x250%7C320x320%7C320x100%7C327x272%7C335x250%7C336x280%7C360x360%7C360x250%7C364x303%7C364x373%7C366x305%7C366x375%7C366x359%7C372x250%7C374x250%7C375x375%7C384x320%7C387x359%7C400x300%7C400x250%7C412x412%7C414x414%7C468x60%7C480x300%7C600x410%7C600x400%7C600x300&ifi=16&adks=109319723&sfv=1-0-40&prev_scp=adInView%3D0-24%2525%26impressionViewable%3D0%26refreshIteration%3D0&eri=5&cust_params=amznbid%3D0%26amznp%3D0%26url%3Dhttps%253A%252F%252Fwww.myjoyonline.com%252Fcrypto-founder-charged-with-700m-financial-crimes%252F%26words%3Dcrypto%252Cfounder%252Ccharged%252Cwith%252C700m%252Cfinancial%252Ccrimes%26commit%3Ddeb96a281ec490c4c1393b617ae56cb66fa48b5a%26unblockia%3D0%26source%3Ddirect_internal%26CMP_accepted%3D0%26geo%3DDE%26device%3DDesktop%26order%3D7%26api_key%3D255be353-1ccf-4eea-af0c-86d618375550&sc=1&cookie_enabled=1&abxe=1&dt=1674480125697&dlt=1674480124212&idt=1043&adxs=498&adys=3250&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=11&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&frm=20&vis=1&psz=680x330&msz=680x0&fws=4&ohw=680&ga_vid=947933348.1674480125&ga_sid=1674480126&ga_hid=775647698&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
295841dcb3717c382240924d7ce2faf520db231dc63bb4c57f13d2883e12eb90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13626
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212211045/
216 KB
68 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/RNw7xiqRu-6_97G1pl1Hr7_2fbE/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 15:47:15 GMT
server
cloudflare
x-amz-request-id
0FFB18QNAARP6GSD
age
934571
etag
W/"fa407ba001f2ac06196124f41d523471"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
78e0d611bb622bc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
DW2dGSr5+LiEQqc+1WKQPOfVXNujKuX8uqkd/xboOZb5ctxwFbudPVObP6wNBnc0m1iDqmh1cug=
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1674480125716&sessionId=7f3f49cd-f30b-5806-25b8-fc122abdff2f&url=www.myjoyonline.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 13:22:06 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
dc06550fe8311a73cdd24138c6c91db6
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/
8 KB
3 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&srcUrl=https%3A%2F%2Fwww.myjoyonline.com%2Ffeed%2F&idx=0&rand=8754&key=NANOWDGT01&widgetJSId=AR_2&va=true&et=true&format=html&adblck=false&abwl=false&clid=7f3f49cd-f30b-5806-25b8-fc122abdff2f&fdu=www.myjoyonline.com&px=282&py=4379&vpd=3179&cw=680&activeTab=true&ab=0&wl=0&settings=true&recs=true&version=201093&sig=80uOpzNR&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
316848fd6864eac58855efabad3212d893c4a500088863360c9fa1aa5b51a5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 23 Jan 2023 13:22:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1674480126.777781,VS0,VE171
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21947-LGA, cache-fra-eddf8230072-FRA
x-traceid
8ba33ec54129e4b56b188824ed2f5aad
accept-ranges
bytes
content-length
3035
expires
Thu, 01 Jan 1970 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1674480125836&sessionId=7f3f49cd-f30b-5806-25b8-fc122abdff2f&url=www.myjoyonline.com&cheqSource=1&cheqEvent=2&responseTime=625
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 13:22:06 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
4058b99e850a18a3ced38417c782db3b
Content-Length
4
Expires
0
imp.gif
flint.defybrick.com/tracker/
43 B
79 B
Image
General
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136deac33dea4688989225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714793d75066f578afe6d6e54719bd488ebd39e821da61c45085052aae2d05f91e4604299e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1108f77f6aac91107ae9dceb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f8281bef68debe64f2ba72fb5eef22b0560efd737c5bc43e5114109d5540882d7d4888fbc9227c32c90c6f5ae53df5f5b1aa35e64c3c2c01e7285ba75ac57e3c5189526ae29111e0e9b65ee5786c0fc2abbdd69c05ca9cfcbcb69ce010478e84b585c654173dca16fba4ed8cbcb25a89128fc8037c894e4b17982a7eb59616ec7e85447cbb20e5c4de1e7f43eb93d9aea01f2b677ec2dfe62cc02880984ea659a4f64fbbc8e746b6a72092b174e55ffb0cf338c10bd4452516ba4a645b4990411ffbad8a6bf6ec4f1e7ff8fe4b2f74b4e20e64186b2457380456107ca605b7170eb7daf7474def992718072a35099b73e9faa0798671d647110761780d2a78e7e3d00d86b1ad08d9de2ee9d410fdaf2f8288add303bcad81271&cb=1674480125835&cri=LZu8WG0UCh
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Mon, 23 Jan 2023 13:22:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
achoice.svg
widgets.outbrain.com/images/widgetIcons/
990 B
1 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.48.1.62 Warsaw, Poland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-1-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
expires
Wed, 22 Feb 2023 13:22:05 GMT
l
mcdp-nydc1.outbrain.com/
2 B
330 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=bc3b0f716a0272525f69da6984c70d0c_4853_1674480125901&tm=1029&eT=0&widgetWidth=680&widgetHeight=40&widgetX=283&widgetY=4388&wRV=201093&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=239&oo=true&lo=1624&odbreq=2507&odbres=2745&cet=4g&to=1674480123212&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 23 Jan 2023 13:22:06 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
b8538ee6e80b57144b4d7f94766b0cce
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
streamFeed.js
widgets.outbrain.com/nanoWidget/201093/module/
254 B
487 B
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/201093/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.48.1.62 Warsaw, Poland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-1-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
29df7fd6da53951538dc5574ee2fe9c88b153ab07cc021935c79f240cc92e232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 11:45:53 GMT
server
AkamaiNetStorage
etag
"092494171901154cb7a1779f39bfb00a:1674476189.379743"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
158
expires
Mon, 30 Jan 2023 13:22:05 GMT
ob_logo.svg
widgets.outbrain.com/images/widgetIcons/
7 KB
8 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.48.1.62 Warsaw, Poland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-1-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:05 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"b79638966e0374c455e78107aee59bf4:1673369411.171576"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7647
expires
Wed, 22 Feb 2023 13:22:05 GMT
get
mv.outbrain.com/Multivac/api/
40 KB
15 KB
Script
General
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&settings=true&recs=true&widgetJSId=AR_2&key=NANOWDGT01&version=201093&apv=false&sig=80uOpzNR&format=html&rand=80473&osLang=en-US&seid=null&va=true&et=true&cmpStat=0&ccpaStat=0&srcUrl=https%3A%2F%2Fwww.myjoyonline.com%2Ffeed%2F&scrW=1600&scrH=1200&t=YmMzYjBmNzE2YTAyNzI1MjVmNjlkYTY5ODRjNzBkMGM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11741-81572&layeredTestInfo=11741-81572-,12475-0-&clss=KQv0z%2BNeGhNzqz4x6SYAwzwh5tqFPNfX81kXWmBFV04p23eawu8E7%2FwYY%2FXCXBhL32QceWhlcaFskEjk&dpr=1&cw=680&activeTab=true&ogn=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&chs=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0442e583ad9a6d123e1e573251e6a59cc28e49dbb9a9fb7b6d22e2d206ba47e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1674480126.013039,VS0,VE317
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21978-LGA, cache-fra-eddf8230072-FRA
x-traceid
a01ec962b16ce843829469750a738d3d
accept-ranges
bytes
content-length
14882
expires
Thu, 01 Jan 1970 00:00:00 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 20:50:09 GMT
content-encoding
gzip
age
1355517
x-guploader-uploadid
ADPycdt6iN4_QwReAjSC_LRG7vKFAXTDxCKMV2GXbUWI2CZkbUxvp16CdJB4GM5IU0zxTYK5GU9096eqDzRaDtbKrSxd5sgqSB-S
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 07 Jan 2024 20:50:09 GMT
esp.js
cdn.id5-sync.com/api/1.0/
58 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 18 Jan 2023 10:47:58 GMT
server
cloudflare
x-amz-request-id
NPZFXVM5EKAPNQ60
age
761
etag
W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
78e0d6147ed890d7-FRA
x-amz-id-2
OyThmasQo51MF69Vjk+l2Um7dOmTHgAYEBGdLRCRPp+Biw7SMcopnaufyud3BQfcwV8FrCH00ec=
publishertag.ids.js
static.criteo.net/js/ld/
39 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7ea9327b36f8ea3355ad8a33cf7bd5735cbf2e11ed96744279181a0fedd2401e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 18 Jan 2023 01:20:50 GMT
server
nginx
etag
W/"63c74972-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 24 Jan 2023 13:22:06 GMT
container.html
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2E6E
6 KB
3 KB
Document
General
Full URL
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:05 GMT
expires
Tue, 23 Jan 2024 13:22:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
increment
id5-sync.com/api/esp/
0
328 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.myjoyonline.com
date
Mon, 23 Jan 2023 13:22:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame 667D
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.myjoyonline.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:05 GMT
server
Kestrel
server-processing-duration-in-ticks
454912
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&rid=esp&cc=1
85 B
203 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&rid=esp&cc=1
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e59d3cc476240f7149f0e89f45fe8a0d9c2271a9d4c3d1e4eb112269a7b4292a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-Pgz13ipzThbHF8TwOvyLWO0xqNw"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 23 Jan 2023 13:22:06 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.myjoyonline.com
location
/esp?url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/ Frame 5E97
5 KB
3 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb124e502b5c41e197d70daf1372272b4f6c7ebe8ce427f6921db3345b0eaeae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
67564
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1667
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 18:36:02 GMT
expires
Mon, 22 Jan 2024 18:36:02 GMT
last-modified
Mon, 19 Dec 2022 14:46:22 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
B29090062.355225907;dc_pre=CIe4-cjk3fwCFSPOEQgdL8ICbw;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=1138718664;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame 2E6E
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=1138718664;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CIe4-cjk3fwCFSPOEQgdL8ICbw;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=1138718664;dc_lat=;dc_rdid=;ta...
42 B
118 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CIe4-cjk3fwCFSPOEQgdL8ICbw;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=1138718664;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CIe4-cjk3fwCFSPOEQgdL8ICbw;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=1138718664;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2E6E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_4oL_YnOY_XeKtaR9fgPnNCekA76zKzObs38y97fENvZHhABIL2Lt39gleKQgqAHoAHF6pm5AsgBCakCh0FETJ02sj7gAgCoAwHIA0iqBNACT9DhD0YghBDdDZz-RULe80yAeiSsL7-oeVathA8XvXBf8MPjzVIeHY0ZOZ4MAHIGtri6-Md4iPvrj3NwQ9TKd8TnimBp0CXgRxJaRXyt6YSS8O2YRdX4QydoiM7_5f9vxUwHHvwtyOvBgmzfUP48YM8hWOvVkxDT6lK7wrjSyK-L94bUgnegUAUIMi0OyUfTHGM_0C-LTgaztYD7lVSL4JarjTPeYQTR2k0K_hUdXnBoUAfhz3Va3_WklAXZA_S1c8JcCyMkC1_X65389N0C1o6HovUsXkgYn0UHt2fDeGElEW6IjTePbFFFhXDIWgabVc0B98N5Pd6bgfTPBwZJBCsyspt_NevdoRBn2LcLl5lI47tDV1ZsSZ9edNaPVLAXfr49F-I6TH_5DEaPtuI0G_2eCHNpVMoWJ_R3S14KNxchhjU7W4SyT050D3rqCe-8wATdq8_JmgTgBAGgBi6AB6OV5sYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQj8oV0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItMTUyMDk2MDMwNTgxNDA1NBju5nc&sigh=zq3sJ9sIaYU&uach_m=[UACH]&cid=CAQSSwDq26N9S4YUdO3BYO9XW3OtLTJ9t7Q_dTD-KrgRL8w9E-m2DGdJ2B5ZMBfptCzTJIYpOcNLc509WvRs7xYSTHvfgxea3YY2yF46phgBIBM&template_id=419
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 2E6E
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
2 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 12:45:46 GMT
via
1.1 google
age
2180
x-guploader-uploadid
ADPycdthv8Nv40EZrivxwSLSEwgBVOXZnKuOrzMArf1n9Pg57odvJXG0tgli91vKrciZQdQ7JV-jFZ6RH9YDzodir6-FbxPYMZTs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1258
last-modified
Fri, 29 Jul 2022 16:55:09 GMT
server
UploadServer
etag
"f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation
1659113709880056
x-goog-hash
crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1258
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:45:46 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
32 KB
10 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 06:09:55 GMT
content-encoding
gzip
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified
Thu, 05 Jan 2023 20:08:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
25939
x-amz-server-side-encryption
AES256
etag
W/"87ee016ad429d1c83712b8d81ccb3c59"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
rZ140LeUxStb6LDKqG8_r4xdlux6YNJVNBOZ2I2TMKHYypeCzlJFBg==
uid2SecureSignal.js
cdn.prod.uidapi.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ea00:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 04:07:40 GMT
Via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Age
33267
ETag
"aded621b17723f487b3c9d0e43cf2f94"
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
EB-3VnfJgMyo7wxsZFa_hsEG2igECWtpOJbVQ7CYfOPuzkbkARQtEQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15973
x-jsd-version
master
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgwqIexlOnDshxplbFV1QmzPSoLxisvnT03MbqOGB1WMzohvPr3A3WiFDElw3xJBDBd9B1IcMEfARiYBZWkVNuKf7cSXud%2BUeyPJjXv13YQoxFr%2Fl693zHOBkBteKZKCbK4OtdZzNKHbV81drg4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
78e0d61588778fc5-FRA
sid
mug.criteo.com/ Frame 667D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=myjoyonline.com&sn=ChromeSyncframe&so=0&topUrl=www.myjoyonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=JDtoYXwvM1Y0bE94N2xWRFJieGdYNnpMTUJGUGhDRDk2Q1JLSEhDMmR6cEw2UHQ0c3U3L3dUMUorYTlLZnJlSUFZN0ZkZlNYVFRSWEk2VFN2K1BkTXlOQndtUzhzdU4zWmVwanRIVVdlQlRWaHo3andkeEZZUy9XSCtjQV...
438 B
654 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=JDtoYXwvM1Y0bE94N2xWRFJieGdYNnpMTUJGUGhDRDk2Q1JLSEhDMmR6cEw2UHQ0c3U3L3dUMUorYTlLZnJlSUFZN0ZkZlNYVFRSWEk2VFN2K1BkTXlOQndtUzhzdU4zWmVwanRIVVdlQlRWaHo3andkeEZZUy9XSCtjQVpjMDhFYnRkTjVkdnNKWG83SVc4Q29PeW1ZK0czOFJEOFlpVVRUZnhvVlFmem4zQ1hYVTlxZEtOY04zRVdQTTN2MDF2VHhNMENaa2lkR0VtSFJrRnVzK0g4ZkFkTDY0UHZLZ3UzQ28vVkx1bkxmWk84R3gxekkvRlJJSHZDL1lzTDBKNFg3N0xsTW1MRk9oM3pYUE8rclBSTncybzl4dz09fA&cppv=2
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
02facac25a9b9aa870afbce0a2ecc154628feaba4da736208340e7335b775f30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2856601
expires
0

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=JDtoYXwvM1Y0bE94N2xWRFJieGdYNnpMTUJGUGhDRDk2Q1JLSEhDMmR6cEw2UHQ0c3U3L3dUMUorYTlLZnJlSUFZN0ZkZlNYVFRSWEk2VFN2K1BkTXlOQndtUzhzdU4zWmVwanRIVVdlQlRWaHo3andkeEZZUy9XSCtjQVpjMDhFYnRkTjVkdnNKWG83SVc4Q29PeW1ZK0czOFJEOFlpVVRUZnhvVlFmem4zQ1hYVTlxZEtOY04zRVdQTTN2MDF2VHhNMENaa2lkR0VtSFJrRnVzK0g4ZkFkTDY0UHZLZ3UzQ28vVkx1bkxmWk84R3gxekkvRlJJSHZDL1lzTDBKNFg3N0xsTW1MRk9oM3pYUE8rclBSTncybzl4dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
568638
content-length
0
expires
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012301041800000/ Frame 1C49
221 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
501293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61740
x-xss-protection
0
server
sffe
etag
"8e9029bac2b10828"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 1C49
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 23 Jan 2023 04:30:41 GMT
age
31885
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5230
x-xss-protection
0
server
sffe
etag
"98e8559bf0300638"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jan 2024 04:30:41 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 1C49
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
501293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28829
x-xss-protection
0
server
sffe
etag
"80143a542ab189b2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 1C49
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
501293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"c26873ae23a2dfcc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012301041800000/v0/ Frame 1C49
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 17 Jan 2023 18:07:13 GMT
age
501293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12956
x-xss-protection
0
server
sffe
etag
"a53f7d5e2894160e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jan 2024 18:07:13 GMT
css
fonts.googleapis.com/ Frame 1C49
8 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 12:01:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Jan 2023 13:22:06 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1C49
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 07:59:50 GMT
x-content-type-options
nosniff
server
cafe
age
19336
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 24 Jan 2023 07:59:50 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1C49
295 B
371 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 07:59:50 GMT
x-content-type-options
nosniff
server
cafe
age
19336
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 24 Jan 2023 07:59:50 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1C49
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9evI_YnOY8iJL6CE9fgP15Kj8AyBv_HKbsbIp9fSEIfRor3AARABIO7-ikpgleKQgqAHoAHI8OnmKMgBCeACAKgDAcgDCqoEkgJP0LnnHUgJR6fiNTWap1HHlNRjjfRC8shy29EEcor5OBAIHsLAkJGoHx-j8xdY7_PcJyrVHcoYvFcrIARv1WHSQuSvrnACIsJXK-Q7OASCk8Aoma3cVZ2NdPrrPPg6L2cS6lPEFUN2MHNdffwQxjTbfi7Ym90anVB073h7s-lPc1atf-IGVTUNAn3PY_nPrvqreLDhDqbmByv5zrAhenxS7jPxNKeFMVs_ltYDT0e5qoPgP7sb9prFGgbl2YhnY9Sm-7aykOxRHbPzygoztE0ObiAbDK3ZK7YG8nsomCCUMdeTuZ-Le3-lQ-dRk1W2JmC53dkt6_KqSta84KEs3-Qbm6qVgkOR62yc1l63l2hGyU32wATcgcL7mwTgBAGSBQQIBBgBkgUECAUYBKAGLoAHyKi6xgOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCP2AbSCBEIgOGAcBABGB0yAusCOgKAQPIIG2FkeC1zdWJzeW4tOTcxMzQ0MDg1Njk3OTM4OYAKA8gLAdgTDogUAtAVAYAXAbIXHgocCAASFHB1Yi0zNDk0NTIwNDY4Nzg4NTg5GIanJQ&sigh=mPf59Z3JDt4&uach_m=[UACH]&cid=CAQSSwDq26N9uY33tkKxDaibeQ83BWRyY_xO631X-qsrQ90jrcr4vfUwd4CT5I87yBW4zIP8Y-F9k_SbVQ5Yx3MnLeBl3GegXUydwe55VBgBIBM&template_id=5000
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

14763004658117789537
tpc.googlesyndication.com/simgad/3400002891777714959/ Frame 1C49
44 KB
44 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3400002891777714959/14763004658117789537?w=600&h=314
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13e2b5e5c58a7a8cb3b129ecaa13d328281bde70bdf8c19b5cd49b153674aa89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 01:00:48 GMT
x-content-type-options
nosniff
age
476478
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44735
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 14:57:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 18 Jan 2024 01:00:48 GMT
truncated
/ Frame 1C49
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1C49
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1C49
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79b650003f7c3ecf029f8ee7ec2f18aeeda579c0c2f3fc47ec54804b50d81a7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
map
bcp.crwdcntrl.net/6/
60 B
337 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.104.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-104-103.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0bca4238f408dc08f0135616a2fefa2f9db2a40f387062b4c73c93fe7bd43719

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:06 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-cache
x-server
10.45.20.97
access-control-allow-credentials
true
content-length
60
expires
0
reel.js
widgets.outbrain.com/nanoWidget/201093/module/
27 KB
9 KB
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/201093/module/reel.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.48.1.62 Warsaw, Poland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-1-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
306ca3d9ad2199935025f75ce63e91d1dbfb943dce0209fecffb85b5fb1d85b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 11:45:53 GMT
server
AkamaiNetStorage
etag
"d177d86bab4321ee0c69fbf460750afd:1674476178.956175"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
8687
expires
Mon, 30 Jan 2023 13:22:06 GMT
l
mcdp-nydc1.outbrain.com/
2 B
330 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=490fed35aa5c7fe97a36737150772229_4853_1674480126221&tm=1414&eT=0&widgetWidth=680&widgetHeight=453&widgetX=283&widgetY=4524&wRV=201093&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=342&oo=true&lo=1624&odbreq=2507&odbres=2745&mvreq=2786&mvres=3130&re=3132&cet=4g&cs=1&to=1674480123212&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 23 Jan 2023 13:22:06 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
db60949d0ebd07fc6cd2aaa143a6bb49
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame E4D5
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame E4D5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E4D5
155 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:06 GMT
7766120503777531736
tpc.googlesyndication.com/simgad/ Frame E4D5
88 KB
88 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7766120503777531736
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8dabbe9a72646731da94581f6de8704d4a020deb7a456aa868583d2020385c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 12:07:05 GMT
x-content-type-options
nosniff
age
4501
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90110
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 13:44:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 23 Jan 2024 12:07:05 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame D2AB
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame D2AB
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D2AB
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:06 GMT
2863772282946991659
tpc.googlesyndication.com/simgad/ Frame D2AB
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2863772282946991659
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b759c4ab19d3efbd9690a76f96a8905734e104aaa98104f91c3fd3cfa0b154d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 11:19:54 GMT
x-content-type-options
nosniff
age
7332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13276
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 09:53:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 23 Jan 2024 11:19:54 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 1C49
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 17:04:17 GMT
x-content-type-options
nosniff
age
73069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 17:04:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E4D5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEkA17CjKZooF9hvuxd4-fJwvXJZrHw-lrZuECWhrw1auLzLicwVXtgC5uZAYFFGL0nz_uEpYWWLHRV0b_fKh3JuYEzfPC8tSEpDcWuSTJnzrBlZhN_H5n_pXj3rkIIdEX5c8lPWLHjrOPzlGWAGplmgRZLSlQn3kizeYAMhA22P5C2NvITbSeCm58_GYvX3C2cMHkwr-qlyi9b1yIGguhgmAu5eAazZVxCOSBLwvlT74S8ekNUyyuxJI826XeFTXlxTEb7jhWaeHVlGiuqmPov768WK0Zs-QAaGDJabQecu6zxPt0WxIp6bQF9pgXO-8wp2q9vfuMXhlDgeFEyqWECYNJzbLx9yw8AH9XbA0&sai=AMfl-YSPi1ou_tACCqD1m7vS8kxirw4ZEXDXL8VCiqktoE49wzLY8WFvLygPO3H9hs17meVROQlXojkn6UtXkiAi0zjH48nxB20TxLehVL4909hH3wnmMD6k6jWXutioeX-_M0O6nZhjUTHNZSEK76NvsBE&sig=Cg0ArKJSzNZ6y6I12PEUEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D2AB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1xWiDasjQyGFjd5m3jS7UFUZemaajFj5HDeaE3Q3Wcz_zvyXekdDoI6VzyK8oQMUkn0FwIqG0HrtkMhEsFGVha5DuAsfIiHUb94JgUJibI1lO6-BR4jARxzICh32v6C5-16jE1PdrP-NG3JvdDNgfEKwA51i0L0YKnMm2XWWK7u0ey9IFQq1ObkBnpbwXQ9ALYtkR0Z0l1TPPXwesrZy7dbHGEhOKYLILRzSWfx7kcqKpWxHMsBmtlKYeCiaXqEzWSxzsDxJ1l2lXL6YlENYtE8BG_BCWXbCP6QGn2-Qu9pMRPPRFcj-aWf_uAqvRpd6DVB6N9L_DV5l89SiWYNwVEsg9kVeKVqS1UnZssspTnFxr&sai=AMfl-YT23-hZzHiroshq6OUzn-z7wLerzesOFi1opetFKT8Y-J4T-4g5JMyTlH97FG7VelzbUMgArsztby9eDu7e66inbfC6U41olhOLyHDGgT1ZCZ2l5OakE1KK-da0-D4k3gL0t_2-cItx5j125zQAryw&sig=Cg0ArKJSzMkf0YxbPQCvEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 5E97
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
57165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 21:29:21 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5E97
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 08:16:21 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5E97
113 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 13:22:06 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/ Frame 5E97
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43ea858dc40003ac8d46371ae15982f7c73c789baf54845c0b46f537eea5335e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Jan 2023 01:52:28 GMT
age
214178
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2617
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 14:46:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Jan 2024 01:52:28 GMT
container.html
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9ACB
6 KB
3 KB
Document
General
Full URL
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:05 GMT
expires
Tue, 23 Jan 2024 13:22:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2730
6 KB
3 KB
Document
General
Full URL
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:05 GMT
expires
Tue, 23 Jan 2024 13:22:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B35C
145 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e787517953114e08766e46d5941979cd8d599478ccf48ebb400bd3752aee14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49781
x-xss-protection
0
server
cafe
etag
16402368305279763336
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 13:22:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B35C
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:06 GMT
container.html
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F9A9
6 KB
3 KB
Document
General
Full URL
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:05 GMT
expires
Tue, 23 Jan 2024 13:22:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 566D
6 KB
3 KB
Document
General
Full URL
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:05 GMT
expires
Tue, 23 Jan 2024 13:22:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B34D
6 KB
3 KB
Document
General
Full URL
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:05 GMT
expires
Tue, 23 Jan 2024 13:22:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E376
6 KB
3 KB
Document
General
Full URL
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:05 GMT
expires
Tue, 23 Jan 2024 13:22:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C06F
6 KB
3 KB
Document
General
Full URL
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:05 GMT
expires
Tue, 23 Jan 2024 13:22:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 12C2
6 KB
3 KB
Document
General
Full URL
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:05 GMT
expires
Tue, 23 Jan 2024 13:22:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9B90
145 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49e275caaee055806019f4c243af3f7be40d7b779ca9ab0fc29f72828c2e2a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Origin
https://www.myjoyonline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49865
x-xss-protection
0
server
cafe
etag
7619243160112071788
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 13:22:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9B90
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B35C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLZ4XQMJZ3zrTOdNLWgD7WAItYNjUNhePYvOEwQIIpG9pP8xET-BysXI5N8XdO0Nf9gViB-O2zUG7NJCAy0rZVF3FZdtOaoLPmtYz4queoZKgMYAOhSSeHiUH1HxIIiZkw-83MPf-HXER9NZK8HRO9RSO7prIJOAnmqMBBP8VwlciIkA7YbBHf7nErM1cQItiIgHf-7tdQqAxKIZORhcGBlWYjwMkO-DBo8U0t0R7R8JV54Y6bsbu0T55Gkin9w3QXceLzanaqaCQoURQrFYrzsRm32TklTeTqIgSzgxTmdBYOiTa3dDT-kJH96eh939ai6H0DH8u2Ol6mMysiQbCLqjdcL_virugK2JtUrFtETHCz&sai=AMfl-YQMPjnUME80sZ8LdZpYvGZBsS8aDqEgM0hQuytAuOJwheIqp7z-gPw2SgaTS8B97Kd8XkG8zMCB071Fiv-aDpy537hUEBkPso0ClQ-6iD9E2Z00rpTx7iATYbXv0J1KEg5VcJ-SVslWFLzxynM_T1c&sig=Cg0ArKJSzENhIv6AOA-mEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9B90
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmCPPiaW_o1B4z6y4uFfI1xE1xsnH2iMSnwFIYbeBvVfl-VyFNAOpEslbhM5swM3POnf6KUTgWm5uArXvWf1_8xJVmTLwFvNL80oqh0shB0d41XewpOYTvp6-MI9OzCcobmfuhr5nvtENUK1b3zhsaNHYxm3Jd2O0H-tiLzHZqLUu7GzVADBEYcHaPRnAwygzXxPb8fpikEpBK-_FvmlpvsoVJjBPjyU_j2Amhr1_BKyBbNdLgXSO--cWrwSZ47714weOip_sms-3uHYPrtlNEoKcX82kMFfrlweT-L69BhwDrVEExH5i9jrwKK4s-qLj78u1Gr0L_xKr72mUeu_NsXi3xzi1etA7MDe4jxrbouf_S&sai=AMfl-YTYrPh-HSzxuvWORYmhLv6-OvYmuGYO_K1U3hxBVSBh7yMq2JHGeg0jVZwJA2qEG-cHQMROKU85Im9Imes8YR-IKSdeocak6bkisBYKLQmKJ8B72Q4NRhqbDNn2CfOoSfIyLvMQzt4JZD9n5FI8bVs&sig=Cg0ArKJSzPgEosoCjEj1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
encrypt
esp.rtbhouse.com/
265 B
360 B
Fetch
General
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
f809897f96b55f10da7d6f752fcfd2a818611c9dc60e35e4c62789c3a2b958d5

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
3849246abf9ecda227369e14aa96640e
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
encrypt
esp.rtbhouse.com/ Frame
0
0
Preflight
General
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.myjoyonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.myjoyonline.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 23 Jan 2023 13:22:06 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
a9b16d952b7598320dd6f7d8996292ce
s
googleads.g.doubleclick.net/pagead/drt/ Frame 14D9
143 B
476 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 12:51:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 2E6E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 2E6E
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17951
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:55 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9ACB
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 07:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
107482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 Jan 2024 07:30:44 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9ACB
144 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba3584761276f82a3dd827aa73faefcdad890c7472fdc47552af746cfe8a4198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Origin
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49643
x-xss-protection
0
server
cafe
etag
15240366181480384339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 13:22:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9ACB
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:06 GMT
css
fonts.googleapis.com/ Frame 2730
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 13:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 11:55:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Jan 2023 13:22:06 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/ Frame 2730
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.css
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 08:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 11:45:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 08:22:55 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/ Frame 2730
391 KB
132 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ba3de99116648e15b945f844918e44b4c409a558d28e20119538bea2eab41c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 08:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190752
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135245
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 11:45:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 08:22:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 2730
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17951
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:55 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2730
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 07:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
107482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 Jan 2024 07:30:44 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/ Frame F8C8
5 KB
2 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfcf65d9367265634451d5ea043d0f33e1fef98d8595a7e86085dde04b392cab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
323970
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1668
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 19:22:36 GMT
expires
Fri, 19 Jan 2024 19:22:36 GMT
last-modified
Mon, 19 Dec 2022 13:55:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame F9A9
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/ Frame 3EE5
5 KB
2 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb124e502b5c41e197d70daf1372272b4f6c7ebe8ce427f6921db3345b0eaeae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
300083
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1667
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 02:00:43 GMT
expires
Sat, 20 Jan 2024 02:00:43 GMT
last-modified
Mon, 19 Dec 2022 14:46:25 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 566D
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/ Frame B4E0
5 KB
2 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfcf65d9367265634451d5ea043d0f33e1fef98d8595a7e86085dde04b392cab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
323970
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1668
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 19:22:36 GMT
expires
Fri, 19 Jan 2024 19:22:36 GMT
last-modified
Mon, 19 Dec 2022 13:55:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame B34D
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/ Frame 3BFF
5 KB
2 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfcf65d9367265634451d5ea043d0f33e1fef98d8595a7e86085dde04b392cab
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
323484
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1668
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 19:30:43 GMT
expires
Fri, 19 Jan 2024 19:30:43 GMT
last-modified
Mon, 19 Dec 2022 13:55:10 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame E376
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
truncated
/ Frame E4D5
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f47a168c119b80b9e37a9c4a111613a12a9421de72b76c6a3c619938c90b892

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D2AB
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b14b907fe270bf246c22573b3d013b17ad3414dd60718c152dfa6f872d62bc51

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
px.gif
fundingchoicesmessages.google.com/img/
43 B
69 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.774866609628355
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HY4RD1a5r0lAxfaX_K0N8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-HY4RD1a5r0lAxfaX_K0N8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorServingDetectionHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type
image/gif
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.7643132824680654
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RXwcYEwFvMVFGBXpsTMvxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:06 GMT
content-security-policy
script-src 'report-sample' 'nonce-RXwcYEwFvMVFGBXpsTMvxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/ Frame 63E9
5 KB
2 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb124e502b5c41e197d70daf1372272b4f6c7ebe8ce427f6921db3345b0eaeae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
42544
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1667
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 01:33:03 GMT
expires
Tue, 23 Jan 2024 01:33:03 GMT
last-modified
Mon, 19 Dec 2022 14:46:17 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame C06F
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17950
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/ Frame F93E
5 KB
2 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb124e502b5c41e197d70daf1372272b4f6c7ebe8ce427f6921db3345b0eaeae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
67565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1667
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 18:36:02 GMT
expires
Mon, 22 Jan 2024 18:36:02 GMT
last-modified
Mon, 19 Dec 2022 14:46:22 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 12C2
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17951
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E4D5
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB3nY2dNVkveyLMT_xu5aHrexqroqxvAuf-i_mOktnHZQbkD64agjEmNk5pNUXXdAwru0RrkUAQwXboXWtmoO1d5IMBzIUhEIWMUs4fvfjq-F5QPwWdw50gOdKT19ho4KcAyZquHo185jxWc1PqJQShNLctZnH_mKRXKHguCsLWROjvFxBY5wVEGhcOhBp34yEuvlgan2pLOBlzU1DgiU1DVWV4Krq2hNUHtpgQkZqenXta689YaiX8x4NczG2ncu4E0ftiNGDG1-mm1XtYlJ6mTMrWrv6X-1fCOzHnm33PhJ6ZZU5worBBLBmByBNz4pXz-nafPEAImzbR2sT2eZyjUaraisyuyFkoT7acWi6mg&sai=AMfl-YSUfC_1ktccRYZbwwJ2mVT35xmZp_W44CtDR7YV9DjlOCyO0QpkaV8FZvUkzpC_uK66XgtvcVe7xAJSvjuCJl_DAQXw0pipKd4WC5O5lZZEsXFZpXvdSH7sRRGi_AUr8w0GVf2M-A4EN754S9CKVVA&sig=Cg0ArKJSzGWeuWAkreMPEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 13:22:07 GMT
B29090062.355224557;dc_pre=CMqNo8nk3fwCFSrzEQgdcRgFXw;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2591882938;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame F9A9
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2591882938;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_pre=CMqNo8nk3fwCFSrzEQgdcRgFXw;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2591882938;dc_lat=;dc_rdid=;ta...
42 B
63 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_pre=CMqNo8nk3fwCFSrzEQgdcRgFXw;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2591882938;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_pre=CMqNo8nk3fwCFSrzEQgdcRgFXw;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2591882938;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F9A9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1QIQ_YnOY-KjL96M9fgPmc2z-Av6zKzObt3_y97fENvZHhABIIL1siFgleKQgqAHoAHF6pm5AsgBCakC192DYntMsj7gAgCoAwHIA0iqBM8CT9Cd_FDQB6A7iLPexbTFsBCn7BPOueokva7VfihgkEtQ2pzCCtVZGRARi7eisjRnwiqPy7fdjfZIZGbjYE-ssvpHVrtzBG16GORhVuQPKZfwXY7MOVvMrRD3PWVceb4wCX0vFAZLYAo8OFa80rNe-_0n-_5j0zV7mrsyLKuvjlm3HW30h6WDLXnpPKjo87yrusMjYIDjAbLzxYxhdxZTp5bQlYs1sTFDou6JYLRPv31bKelhftuxcUxMPf4iON7tBfOKpWeh31-7sr3KbBVOnKIkUcGBiAIF96zKUGNfa0aiZ7bM7rEywYo2uvT9PCTTDCcULOkp4r_ZbBld1lWGdUbpKFj2XkdRvP2YRSlYiXNd_7UNdwW6VdkhKPBmhapuXSpzcRoa59kd3Td-cUJAOYFmYTmJaJas7WWweiCRS1c_KGYpnAi_EjJsFxLa0Y7ABJfzsfSbBOAEAaAGLoAHo5XmxgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCIlQbSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi01MjM1NzUzNDI3OTc2NDYwGIrTBQ&sigh=eWLdTgiyw4g&uach_m=[UACH]&cid=CAQSTADq26N914XUl_9fiU0KU3N4jYGDWoQcNGbNvMnxCodAA3K8PPsEZ4L0xAU47wlpBBRiJHOXgaol7FgTNzyrVtV69b2mWpPRX-r-HJQYASAT&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

B29090062.355225907;dc_pre=CLmeo8nk3fwCFa-c_QcdCPMMNw;dc_trk_aid=546295868;dc_trk_cid=184452513;ord=2355410536;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame 566D
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_trk_aid=546295868;dc_trk_cid=184452513;ord=2355410536;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CLmeo8nk3fwCFa-c_QcdCPMMNw;dc_trk_aid=546295868;dc_trk_cid=184452513;ord=2355410536;dc_lat=;dc_rdid=;ta...
42 B
63 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CLmeo8nk3fwCFa-c_QcdCPMMNw;dc_trk_aid=546295868;dc_trk_cid=184452513;ord=2355410536;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CLmeo8nk3fwCFa-c_QcdCPMMNw;dc_trk_aid=546295868;dc_trk_cid=184452513;ord=2355410536;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 566D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMyKZ_YnOY96jL96M9fgPmc2z-Av6zKzObqX8y97fENvZHhABIIL1siFgleKQgqAHoAHF6pm5AsgBCakC192DYntMsj7gAgCoAwHIA0iqBNICT9Da3ULhP7n78iyjjeRQWJi_1I8LGUCIN0SAUaleiO1V09LIeJUwqtIOrWl2x0CVQ9YIB_hhSRQMNkduhMbGfG9Q08dTA6GMbHLuTvtM_ipJT5QolzEG_R3wAssMzNyAa5jbQsRM9kMoFok5bXFx-L-EHIrm7-9vQb_VkafD_2uelB-pOL3Zgo-H17DLatjMiII_gVpZvZ10BM-9tLjb3TzqwWaM83CtZv7Ce7lpvMQCccO3x5nlXPeFbUC-Sa7UbWLK7v0x9npjEg6veL3Qn1cp_N6IDD8wcTgBcKeeRFeRBxs9pg55IHFLkbtCJW8KcOXveSh_rT0BQwlr_53302J-RVPd9r18ZmMbasPAlg9Hgr_vmaxuxuAGnw-3xKscvNtuWJ3E5Sxvy5-tXXXRU_1aijMcgchW6poR92uvIhFexdQMj8XdOLI0mZy4esbkaRHABN2rz8maBOAEAaAGLoAHo5XmxgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCpnQrSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi01MjM1NzUzNDI3OTc2NDYwGIrTBQ&sigh=BddDy8q5lDI&uach_m=[UACH]&cid=CAQSTADq26N914XUl_9fiU0KU3N4jYGDWoQcNGbNvMnxCodAA3K8PPsEZ4L0xAU47wlpBBRiJHOXgaol7FgTNzyrVtV69b2mWpPRX-r-HJQYASAT&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pd
google-bidout-d.openx.net/w/1.0/ Frame 0B4F
0
176 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 23 Jan 2023 13:22:07 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
truncated
/ Frame 9B90
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2284efff0f131f90c8371699557b94ee147730ea6e7b9f9dc473041fb45ecbc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
B29090062.355224557;dc_pre=CLTVpMnk3fwCFbST_QcdW08L9g;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2694559607;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame B34D
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2694559607;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_pre=CLTVpMnk3fwCFbST_QcdW08L9g;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2694559607;dc_lat=;dc_rdid=;ta...
42 B
63 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_pre=CLTVpMnk3fwCFbST_QcdW08L9g;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2694559607;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_pre=CLTVpMnk3fwCFbST_QcdW08L9g;dc_trk_aid=546418159;dc_trk_cid=184123079;ord=2694559607;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B34D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuUcB_YnOY92jL96M9fgPmc2z-Av6zKzObt3_y97fENvZHhABIIL1siFgleKQgqAHoAHF6pm5AsgBCakC192DYntMsj7gAgCoAwHIA0iqBM8CT9BnfCUnhBBd1jB2Bcxwc5inxc6TVIXfvdC5xFi1yrsvptnfdAgEJEv6xweI9hIcparaqu6fGBz8trXtbnIlCWd4jZCO8a4D5x8ruwynGe7YKO7uBLEZ9mgVtbrSit1ajE-15vGZW4YAmj0GN7-FuYqnG0JDxNEMwrQEtJ-gzBw6K1c68KE_YJyuJ-n6LhirGeFDWud5jn7wJQEhfC2pfnc8vCeWfJhwVgcTWFaMT3k_XjjG1FwfXViFFephv9NUz_p35iDjl6mOPtNiu0JkhJKQ8BtI3AUtrm8pljm4j0Em-RXsOXvc4f79WaSf7rLJePrJCMrL6Rq6Bh2TC7EqpH31DPzhufPZnZ1uitYu1Iv1Lhb1GTAMkMS7P_J0IMMbsnn_R8-Nu9rpvAST-mXyMRnZ2wmhykIEThmLuo3MY8acgKYGhwICKMmLC2T0ha3ABJfzsfSbBOAEAaAGLoAHo5XmxgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCb9xDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi01MjM1NzUzNDI3OTc2NDYwGIrTBQ&sigh=bfeTmsy0N1Y&uach_m=[UACH]&cid=CAQSTADq26N914XUl_9fiU0KU3N4jYGDWoQcNGbNvMnxCodAA3K8PPsEZ4L0xAU47wlpBBRiJHOXgaol7FgTNzyrVtV69b2mWpPRX-r-HJQYASAT&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F8C8
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
57166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 21:29:21 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F8C8
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 08:16:21 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F8C8
113 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 13:22:07 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/ Frame F8C8
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
339c431dbbfcf7b370b678aee1588f0543c767da987e8af97f5df6b907cfcf76
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 02:04:37 GMT
age
299850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2619
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:55:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 02:04:37 GMT
B29090062.355224557;dc_pre=CJjEpcnk3fwCFRXVdwodnaoGLQ;dc_trk_aid=546418159;dc_trk_cid=184123406;ord=2545364839;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame E376
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_trk_aid=546418159;dc_trk_cid=184123406;ord=2545364839;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_pre=CJjEpcnk3fwCFRXVdwodnaoGLQ;dc_trk_aid=546418159;dc_trk_cid=184123406;ord=2545364839;dc_lat=;dc_rdid=;ta...
42 B
63 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_pre=CJjEpcnk3fwCFRXVdwodnaoGLQ;dc_trk_aid=546418159;dc_trk_cid=184123406;ord=2545364839;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355224557;dc_pre=CJjEpcnk3fwCFRXVdwodnaoGLQ;dc_trk_aid=546418159;dc_trk_cid=184123406;ord=2545364839;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E376
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNoKg_YnOY-CjL96M9fgPmc2z-Av6zKzObq2AzN7fENvZHhABIIL1siFgleKQgqAHoAHF6pm5AsgBCakC192DYntMsj7gAgCoAwHIA0iqBM8CT9AI8NbGJxYHPnPxfIWLXAecqfux8AaYWccbLOJsckKLDfYuUYjPfmvwnvD3-_U7Og5wim38d_WdbZ3xFoizmBpBXGsQtNg0PTkdYLkgUnPuCOVBPfrLSLfpRS8Z8keHHenfe3NylMyM3S7H9hI3vxk6nEZlp4rfCTNWEC7npZ0tTzQ3bimPSdlOXvHwOMMcBOCwiQiH1vO4RpbZnr5VbvuysrTvYQlHDJ5emEmNLszeAvX8reCT-9142v66-DI8dhCuE3rLrKEtiZaBzL7m1FezSD0vGqurBX0-lvjlyIPcq1Y1QlFWDDsig8OEZmwE_PLV-7VDuGiUPswJK-Ep26xkF2yRfdkErpQiZnddsObg1L0p6bG-5Xy3KiX14iLxhd_DwU2s6LKztSJFDOOacVKPwR0scv185dvEtO-r1WTmpc89A4sI5YGHbVpS99nABJfzsfSbBOAEAaAGLoAHo5XmxgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCS4grSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi01MjM1NzUzNDI3OTc2NDYwGIrTBQ&sigh=5W8OeNI2s9Y&uach_m=[UACH]&cid=CAQSTADq26N914XUl_9fiU0KU3N4jYGDWoQcNGbNvMnxCodAA3K8PPsEZ4L0xAU47wlpBBRiJHOXgaol7FgTNzyrVtV69b2mWpPRX-r-HJQYASAT&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

truncated
/ Frame B35C
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78c4232b7d03656196bcd8466b06ce1f0b7e1f99796bc5126008e72593152c9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D2AB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4gfBlJYliphbr0niRTu41vvOzAgXaL7yZH5Lb7_Z8USfHtg5oMG8W-lguLqAu13eDQ4Z25tuFaCiYajNtRPtVC68DgBQh3iqA9MRqaQfN9UtxoXERt4OrbStbt3xUyVC76z7XgH-xRUQ9b3Xhd-Pwm3UDFGx75Qxu6W2lxnFj7YmgxSXR57wqreA1JZ9ryiE3jlpMW8x6wcheslbUJ61Pwm0KqnI4x6VDiiJz8yyd5Zsp8Er5WY6HouCKY4pG8BM8Wic0bAxOJcNFUZUiAp8wIwNEMbRgAd-AmpxeCOlhUnPz_3pEVrOugCurMxXLu9G-2xB2K4NiUGCV67nzcq3p-2ip518b31bCgAt42EzFcW6fld8&sai=AMfl-YTHVusQmp-tC9zOFsJvmGQWCIvHC-ERcnfmxXwDVZT7jV20H_tpHrzKNod4YNUZEICFlJ0LDJGi25cp7xX9leq4KCDcr2D5d79d_-lbryyZL4QXXNY022xbOumX8-R0vGns7wdtN4WsskLFMdC2hXE&sig=Cg0ArKJSzNsvxO6RsXsfEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 13:22:07 GMT
B29090062.355225907;dc_pre=CO_iqMnk3fwCFWiTdwodsbsN2g;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=268517420;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame C06F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=268517420;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CO_iqMnk3fwCFWiTdwodsbsN2g;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=268517420;dc_lat=;dc_rdid=;tag...
42 B
63 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CO_iqMnk3fwCFWiTdwodsbsN2g;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=268517420;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CO_iqMnk3fwCFWiTdwodsbsN2g;dc_trk_aid=546295868;dc_trk_cid=184452783;ord=268517420;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C06F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Clu3i_YnOY-OjL96M9fgPmc2z-Av6zKzObu39y97fENvZHhABIIL1siFgleKQgqAHoAHF6pm5AsgBCakC192DYntMsj7gAgCoAwHIA0iqBM8CT9DgdyQGhNgRZ9eMxmO_OG8Pqr_XSmVpHqYMhz6l4hk2GM_hFkEw6eQ_TKw_mNnCjoNeO9Di7Cz98MCJy-Wsj9I4ts3ynAxr3DU3-hxl0DCzOJoU3auy9iZZ9-OTSQvzgid344dY5Hv4Y6o16c38U7OJsekI3hK6gskcaYGueogvCcEe3AlUoZrGLri3OEmVkd5HZQqrrIi69rc6jFXzOgln2emnFeWiuQdUQdebDXB0dxYtzPvH3dmBN1AtOeqzIBI5m_JUq_TWCqAQCflH54EH1Atq8Nu2GtmQpPks8u4l4jBNT__zT0M--uZRigAqALj73PtnwOUMrx_f1qvDe7L2fCdzpgu-C9qaBHVqaNPtxdsL33MdQ3PCAOYsdP7BeP3Jn8S2LLVMr-vPGNLCY6NNaDEEYTLrEmnlsk5wk1_Lweo4YwI0HauA6UZupBTABN2rz8maBOAEAaAGLoAHo5XmxgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCIlQbSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi01MjM1NzUzNDI3OTc2NDYwGIrTBQ&sigh=FYMQQdTeVPg&uach_m=[UACH]&cid=CAQSTADq26N914XUl_9fiU0KU3N4jYGDWoQcNGbNvMnxCodAA3K8PPsEZ4L0xAU47wlpBBRiJHOXgaol7FgTNzyrVtV69b2mWpPRX-r-HJQYASAT&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1C49
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 07:59:50 GMT
x-content-type-options
nosniff
server
cafe
age
19337
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 24 Jan 2023 07:59:50 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1C49
295 B
323 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 07:59:50 GMT
x-content-type-options
nosniff
server
cafe
age
19337
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 24 Jan 2023 07:59:50 GMT
B29090062.355225907;dc_pre=CMHcqsnk3fwCFeHIuwgdzl0IWQ;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=367337548;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/ Frame 12C2
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=367337548;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
  • https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CMHcqsnk3fwCFeHIuwgdzl0IWQ;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=367337548;dc_lat=;dc_rdid=;tag...
42 B
63 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CMHcqsnk3fwCFeHIuwgdzl0IWQ;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=367337548;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1335164.4228069GOOGLEADS_/B29090062.355225907;dc_pre=CMHcqsnk3fwCFeHIuwgdzl0IWQ;dc_trk_aid=546295868;dc_trk_cid=184451307;ord=367337548;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 12C2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXoBY_YnOY9-jL96M9fgPmc2z-Av6zKzObs38y97fENvZHhABIIL1siFgleKQgqAHoAHF6pm5AsgBCakC192DYntMsj7gAgCoAwHIA0iqBNICT9CtSMcAgrGYxU7teCGitaIDIx1e2bmEEnMXn-GuLi8K_BRYOXc3vxS51ew7qLWPXpZZGM-XkWJSZFP8i3RcXNXp4UbVznhhU6H8VtBjx_a4oIjPeHn-RMoAwTy6lyjulJgZVcLMBsXRQ6bTWfMcKL0F2uyD5Y9hgmCCk5ZSyp2DO-UFHyo9ojIRj3D5b7DJ5T5Ub6lCBhAAcDYJqtn63gIRcEoQxv1mcY11TljWp6YBu5yd5XZhHYt5GICfzFgfjjYea17FdUqX-6CwGvxx6ehGhKzkGCLV2JpfD4L6aQjLn9FFI8_uq0_VRkhCmMDtdCQ-oFgAJgVtJvg9po7RE5m43_9QmNVR7HfwNSiwuk_2bscG4o83SeNHOJWoDBeFdYmtP-KzSrqo30SgKg00cnZVV47wc_QpK21texibX2GaojadwyIpzj9hL_5WNPgGsLbABN2rz8maBOAEAaAGLoAHo5XmxgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDmqAzSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi01MjM1NzUzNDI3OTc2NDYwGIrTBQ&sigh=rx30HNFX8Tk&uach_m=[UACH]&cid=CAQSTADq26N914XUl_9fiU0KU3N4jYGDWoQcNGbNvMnxCodAA3K8PPsEZ4L0xAU47wlpBBRiJHOXgaol7FgTNzyrVtV69b2mWpPRX-r-HJQYASAT&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

commerzbank_affluent_passion_300x250_v3_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/ Frame 5E97
58 KB
58 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/commerzbank_affluent_passion_300x250_v3_js.png
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b5a2bb689f35dee671ce481c1a4eef5ca841fbffe7cad9c6518862d174054eb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 19 Jan 2023 12:56:54 GMT
x-content-type-options
nosniff
age
347113
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59456
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 14:46:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 19 Jan 2024 12:56:54 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301100101/ Frame B35C
358 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com&bust=31071714
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15f596dab746d15017962ccc0c8e366a1c4ef352da52f424a5e335d86745a19a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120586
x-xss-protection
0
server
cafe
etag
3128023825809178284
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 13:22:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/ Frame DA7E
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230118/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
58275
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 21:10:52 GMT
etag
10353107486223812946
expires
Sun, 05 Feb 2023 21:10:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/ Frame 9B90
358 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd3b62f1c4f188c40237a6234ce56981efaa64c22eea9c462aa57fd7d1bf8829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120547
x-xss-protection
0
server
cafe
etag
15676822806810104347
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 13:22:07 GMT
AGSKWxWmMiSlbYCPlBCdA7RImhiwPgJhEAzrHNlSImFggaerjCK06nWUmxPZ8qorOKujhzT6qg-owhqGzYS_AInteQhAQ4yBJUREIBKwKxnYm_0eJnu4SyLL8NiCDye56V85q2JT3X-Q-g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWmMiSlbYCPlBCdA7RImhiwPgJhEAzrHNlSImFggaerjCK06nWUmxPZ8qorOKujhzT6qg-owhqGzYS_AInteQhAQ4yBJUREIBKwKxnYm_0eJnu4SyLL8NiCDye56V85q2JT3X-Q-g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rfkoh-OloXU2RMmyx0zLXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rfkoh-OloXU2RMmyx0zLXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3EE5
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
57166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 21:29:21 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3EE5
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 08:16:21 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3EE5
113 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 13:22:07 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/ Frame 3EE5
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6121ef92638698a1efef6a524096e9bccc61a28b72f28695f50a2aa7369f4ac1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Jan 2023 20:57:32 GMT
age
318275
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2622
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 14:46:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 19 Jan 2024 20:57:32 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B4E0
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
57166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 21:29:21 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B4E0
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 08:16:21 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B4E0
113 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 13:22:07 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/ Frame B4E0
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
339c431dbbfcf7b370b678aee1588f0543c767da987e8af97f5df6b907cfcf76
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 02:04:37 GMT
age
299850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2619
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:55:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 02:04:37 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B771
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 12:51:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F9A9
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17951
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F9A9
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:55 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9896
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 12:51:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 566D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17951
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 566D
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:55 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3BFF
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
57166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 21:29:21 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3BFF
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 08:16:21 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3BFF
113 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 13:22:07 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/ Frame 3BFF
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ac327135346c0884a1d57517753fa13943c8de02e1cc11ca8e470ae65a47a47
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 02:00:12 GMT
age
300115
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2614
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:55:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 02:00:12 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 63E9
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
57166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 21:29:21 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 63E9
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 08:16:21 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 63E9
113 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 13:22:07 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/ Frame 63E9
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8893201d22f593c535d23bc413757040c3c12bc17e54ac4aa8a8a386c9ef8f29
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 22 Jan 2023 10:38:03 GMT
age
96244
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2615
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 14:46:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Jan 2024 10:38:03 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F93E
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 21:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
57166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 23 Jan 2023 21:29:21 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F93E
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:16:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 24 Jan 2023 08:16:21 GMT
tweenmax_2.1.2_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F93E
113 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39910
x-xss-protection
0
last-modified
Mon, 11 Mar 2019 14:29:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Jan 2023 13:22:07 GMT
main.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/ Frame F93E
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/main.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43ea858dc40003ac8d46371ae15982f7c73c789baf54845c0b46f537eea5335e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Jan 2023 01:52:28 GMT
age
214179
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2617
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 14:46:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Jan 2024 01:52:28 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A81D
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 12:51:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame B34D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17951
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame B34D
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:55 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9ACB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssa2kZD78kDrYazWmfoG5z39dnuJ0UzOCSX-EFheA1C2eqG1ffrJbw0-qpth9vzMshyMxzDuTR0f5BUseHX7hDIrdPQN2s4brdkEjZ8LhsEKWOzLcPylgT_3VKwDavJiaWvGXtIxquTvs1jLzlsevnxTRsSB9xgKmjgpNWxef5OSLAx82LnYPqsXQgFXODXK-y-qRyNAWGn_Pu-kid4_JRNrjqMX-wt3hSjw1ng89fUyFziTXhghkuLYor6AZJbHYGzHRMEs2-3d6uQkw9D0fRFqh5ALKNhK_d-kD9np91dtLArvP6g1QYaqUiLeYD2hkpRKNw7ndZCStpA0Ou585nw1__MOHuyUoKzCrmv_Sga6y4i&sai=AMfl-YSp4-UcOzMbBcD5UzGU1VD4noyELasNM2nJ8RJQ96sU_5ox4O09W5Hr-jo-XpZzrXB6PrzlKSLx0HN-pH1HP1Vpe8dlyGrwqJMq8PMFeZlWf32Nd2GNSBcK7o_PCSTcblqWnpOn5mP7-fdoXwK2i3U&sig=Cg0ArKJSzM2gjfs24fAoEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 9ACB
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
048fb40b03a8e15295b8fb66a5c01f605ff45de3be704cb609da98332f18f367

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E6E
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:07 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/ Frame 9ACB
358 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2500680891621702
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01257797f7aa4ded30d131f49c0722369205e5079938567bb5dd6a07fe83e94d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120554
x-xss-protection
0
server
cafe
etag
18444689536482765337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 13:22:07 GMT
truncated
/ Frame 5E97
34 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81cc7fd7df22e0e62e9fe6cc340361b2287a93752604e162440708e12712e39f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 5E97
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48041bcb6dafadb3ecb47aacfec7f5e0e43262f9c6046c28460a38c51caeb8c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c93dc84049ced06257c79f0b114862380a1964936f843f7c962076b4e107d58c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcfd81c9426baeb3821d227a40cd765d3df097fbb0df64913f7bdd414bf4a3a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
992 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
650da9e6f05c29b40c5cf21e4ce0a863c81e6ea5234b23f4d9b93b51dc6cfc56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
852 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5ec9d53f8d82f9d59a8e9157c213b7b9cf49ef83d6e068e22f63238f195aa15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea19606333339c1f788ee53fde82a94ed6d164673abe2e5939fd3aa081ab53eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44b34578989a08119535b5c54623cab8c70a3ed38106e766784108ea3bd06949

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2E6E
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2025312d980e2ac3f2eda70fdff05019589061193000e24f0ae8c50754b63b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 2730
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ld8u8fhi&c=3452751362134&slotId=1726375681067&qqid=CKGW0sjk3fwCFV5GHQkdmeYMvw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2730
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 05:09:29 GMT
x-content-type-options
nosniff
age
288758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jan 2024 05:09:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2730
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 13:14:53 GMT
x-content-type-options
nosniff
age
259634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jan 2024 13:14:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2730
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CSlEj_YnOY-GjL96M9fgPmc2z-AuGyuWeXISB4PbOAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MjM1NzUzNDI3OTc2NDYwyAEF4AIAqAMByAMCqgTdAk_QiomNQTHGP_f-qOzk6qI3L2WTryvE-0tBodMfdjezCVVxL6lCRYSiXF1RfytGMxwHpttNU_QtC_-EqSm-PsMgD4EoI_XUBFkn_XfJUNLJwE3D0YWIjsxM168GCKobdiVtZyksPOPoHqqP7HmTBzK680CeK49A2NgxGMPBtJ8QGrfe97_RYQmmAyklzTKCK1lE-GqPSAonZau5QdltThFMImRIeirOCP1WqabJKS45QM2swbtkXl0wpBmGyUtKEDeTiJAlTFd3G5e7NvMD9nZK_4OJj6fN_ARTzdwVFWvXWcfBsXzZ0MdXY1CzfySeFR6XGVkbB0U1U4ZPCnZMEN20IHxdT180t4tSQNpHDoEAihUBTFy6i048qAl5E_VATAO45J5xtts6cqoUiRLm5WSx8hIOf4UyAsrYYponwgyTd5tXjrkIam4sck1SFw-vCf1ZwxqzV-RhanjVYP_gBAGABsLa27_3m_noQqAGKqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ&eventType=clickstring&clientTime=1674480127601&ai=CSlEj_YnOY-GjL96M9fgPmc2z-AuGyuWeXISB4PbOAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MjM1NzUzNDI3OTc2NDYwyAEF4AIAqAMByAMCqgTdAk_QiomNQTHGP_f-qOzk6qI3L2WTryvE-0tBodMfdjezCVVxL6lCRYSiXF1RfytGMxwHpttNU_QtC_-EqSm-PsMgD4EoI_XUBFkn_XfJUNLJwE3D0YWIjsxM168GCKobdiVtZyksPOPoHqqP7HmTBzK680CeK49A2NgxGMPBtJ8QGrfe97_RYQmmAyklzTKCK1lE-GqPSAonZau5QdltThFMImRIeirOCP1WqabJKS45QM2swbtkXl0wpBmGyUtKEDeTiJAlTFd3G5e7NvMD9nZK_4OJj6fN_ARTzdwVFWvXWcfBsXzZ0MdXY1CzfySeFR6XGVkbB0U1U4ZPCnZMEN20IHxdT180t4tSQNpHDoEAihUBTFy6i048qAl5E_VATAO45J5xtts6cqoUiRLm5WSx8hIOf4UyAsrYYponwgyTd5tXjrkIam4sck1SFw-vCf1ZwxqzV-RhanjVYP_gBAGABsLa27_3m_noQqAGKqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 2730
31 KB
17 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BBcIjSkmnDPtju1VChWlMq96tT2gVa3iJ0ImyNPyU6I0N4qruExBhEUxY3PJPxcs9lW3vI_mWDZcQXdQaGzs6DE5-p9w&dbm_d=AKAmf-A7Y9wkrck2nNllW97woQAwAhmzexx_gVqcvb8oGP3G-_i39DXSjivZ5ByT0sq8pXdNE7LOYHN7xnIozoKVD2GOwnqJ4udFduE03Hz19uqaXKqx4Uw_JBCQ62JyEOV4wDv4E3-sv0scYh9G_6yu__71L6BZJpWkVrdpEIlHumLLD-Jvcvc2GkSvVquZxaOiQZwtbv_eehlO_WHmfii42zCu7r2a0-RyHyyFMXVSeHfli685tamOomp-KZTns_M5CPcfgDxnIruJ8Mg8x1qfXPJvRMJv4sELN2JJfuoyyiJTdQoR152cL3M1YgExUYLKd0Xvs_Pk5oFvc2VK2t_F3OfR3IUxkucGk0fdv8ykiclMuVAiV4WWp_qoaR2vG28DSVNZQP5KbkJ9AlqSlGyC6ZBSe8tVlTeLkQlWPxfh5yk9oA8ecp4n6G3vv6CBnJVnFWzfhl0dkaUdyeVavjKvITCLK9pfR1HM4QeFo7tP81HkkFIMiuaSKhhmlKZiPedvjpfHF-o3sPrtJjUpC2GWM8oecqLLAwoleyTqM8nMTjhq_jcykrWw_JOr-RCIxy0nyTUI1NuWTz2jufyKqzWJY4BpFFBTZu0J6DMNGtNwiaLUm4rrXS14S0Mid2FHz2b_G2ARptP1KIhBOTUaIiE27loyrneUL-st2fAGXf9lB2_G1N0XjovZVdC0nfQc-xrJnZIyQa9BOL07iEKz5uUx_KSez9KQe9izP-DM0bb-5Xa9mqadmTFTx8uJcu8OWnN83UTxJxivO6wCC6eax6FiVjCncMR8AWR5ED_D4d03KwTB5KHe0ddKqf2nVFcCoHrqDa1sCmsSduPA982o1WmYV2gHl81B5Fuv-8lowG74vX48I0BcPLTlFwDdZPMDmw-fGdhUQt2Ug9mdnovYFxa_ysV3Gw2HGhrnosgy9mEm6wB-Hu8wHUmuo6FIclM74QiHB6cfu-TdjuJM6ZFhQBbbYB4L3b_BJpKmfDadyiklhL-BU7oT9ckT5KqB3vJSDsExy5lVv6ysLCCyQZcbDYIa3hdilUMckx5v-PR6OeRCSriudZsEcXxUf2nU6cwvnymsBiH7Xn26QDXymaJFnabbEvVpMmiyF7rCsasTOsVv2ptLn8BXj1zX2IPb_zcFU4zUX35v6NKTCzUCm4kOdE3SQ1xyyrRBEisFm_O73t6UjkaXOXyyMUaO93DlE-SHY_pFeVHD1sXj83OI81wRK3nhnDweZfJie8ihclG2XCCcj8Y99ndncokZoRf7L9LgNlObLvf9xR0BHoHCVTYSXUdkP-06buLLol7DZKxoxWusr_NTL8W0LmRq2FNQYgxHGzuQF2BmnaGnHh1TyqfFwZICMAeA-jn5NUnzc7laQQZgQ39vF2-hJz3AF_WaoEb_fnJMGWNsTFQcdRfo6ff051tgRNh4mN1EWCTxCRf9erEh1CNxm9hg31mRdHfxTDo6co-4fe9Abu3FI1wAKSoWlUX1H0lj-mv-zoszWOWYhhnMOoxotvWEAtu1SLeJku-TtMBTwL3rLONi8meYEmXQuCfh0wx8MWwAONiNLT0HTbCj1nRSJtzm4ZnXcCb3ddEvKH90vCLUd7cr9MjaQdYLdWXteYqa7T8LAJM1vM5VhtRx_AsWtk1R3IYZ9eeYDjfVxjg1TOEkkiVqVDL6_eq2pqEA6NDiY06ZF2gmCiJYjmHLdWuEEtGPb0Xl23YYfzU1EroN9xveJZvVW6j9wQJKWrlzkpW0ryWGIR7bWK2-_QPY8_9XcxLPZq7uXzd8r4kaopQjL1SEMgHtUC_xL5vAjG8_MgAWcQIEy1m10Lfd5VcXiOdrtskv_LWlsmXnDXIptr0F6DZ6DSKCqPOHLFz2u9XcLZMBnHw4Wd9pLEYQ43XEYXjeQ3sRphFhf_9Be1uZt4pZIRtPi3WzD14Ho0wNQZhiMdpmZ_6R7Tkaxp-zuMlWV5AhC_4ACHhREiloMw6pBYMEYGkn2MVGth-k61sFh6m_CF64id1jbq2tBGIbitu6l-5Ux1p9oiC8HHmhDFFEtwokdKyeEteyXsh-afHMGtp-493djTsy4bTidZkciEOi0ETPSzPP66zJHvskz8P-zx0jiCnA3LpQ_3Bd83whBByD5eNrVpFGzrr2JDp-8EvBdfeRN_iwWjAdv31YsYa2PZp8XrCvURWkCEPF2HK-x270-oZ-BwrUcsWZSCVcZ4dN6wCUJHFHdke-YRLGsfzsBmiNtoUpN8B9ME8VUiqra1QewS8gwGYdm2_5i4Hn6K0lxlpYBZRLKOnKc1Kj3Kd9FRgPNrCHEvjx2CeppnjcBUqbIgzKJ2hrMqvYgjZ4E5P_NMkMvTcZhl8xBAIujSGTy3rKBFvi6Hi4PuJ3ex6IdhlN7n2TtKVnS-FACq-ca7O2tM7_F33MjiR9DJbkClmfbK9LuTAZCzI029xmQNkCgTCgiIwYSvhbb4dmC8MNpe8A70BKJKS6YJqlFtcQXGcRgMUHrvWLrsO8g2WvaFB9cVg735gUqQSbHp4mLaM4Ex8LG1Sl95HqiUEgxbFDxv20uTBFuBUxNG61N5lj3onOSKV3K91Cf6IulhCqMBP7-ipSgvuAUhkN4F2bD6E0TTmMy8yHG62rvKAFlME6YiqH9teayXUG8ZIr8Pd8XRSSWlMYxqJ5BbyPP3e5zAMATe-rTBiCRbPkiKP8Wus_7qJlr3F5x-UTI-DZnpXpMREnMF_ZVlCAteQpwlTvrnitOBNsN9pg-gODLFuuZw-Z5_chY4B_j3_N2sgpSqqbRhnqpsRY_j_hZYy-Tr_Y4ARWpl9BGR04I2u3JCaytF3XBA67XetafU0-AFoc3dSXLCSrMEPuUclKvTXH1Dahuu5Q_ZgKShTkDaCAVu7Vw6SMjlY94W53rq321sYSo5HhyThekrdDUKNCKbEdZEcbngvZkEz_f5G7igYc1t5V1Ff15g38qk_mpxq06plsG-9p4eo7pRZEk-Xfr5idf6Q-02IG81FgQcCtwushKkoUTrI4pRqQeK3mJkAtB7wkOlxnr3WFr-KrBkIlouQgkxu1KKuFEPyEPLupiq86LmPXffbqiRNddKmLtstCjFO_7LSdhBLo573bokavQhMq2P90NZyDiCJs4r09sQWr6eXBL6m-0vt4JBEroeUvjpZbCoUHxDePPNLje43PA0E4MRF8r__OJ87hx-nIzR7xSBoE8O4mTjvH1-teByTBeDa1SqTc1EC3qfR_mKKhqTyhJcgRd1wxBB4JZAGrtyIhq-Ua7FTfK1BVJO8flB_3FR3Hpyovz6tx2Q5yKryR7sgjCZ-R33rbiacY2_40uy2vRfkZNNBULISbxuFFHqcdWBxDuaujZ6XscOQPCT-nxVdxgZ9e2eBEXP8l9t6fEYqNWMTo9jamcBcm_rTaUm-z5fZ-Tf2wPbd2I0YnjadkP5f_vM9LNJ976a04ibqz6rGAJsZ-ASvvU854AEKkUbIH5AEjTYUeuBs4SosK-UPU91uo4AmVcnIoHc2wTITzfScohyCBVWSpDCYzdnje2XjuwUqBaNZ0qtfFxqMV9L_GnZI6_CCXoOGDJY4VvWNPhJw8k3bdzsIz_Tmp2nMpSxPrqny2l1b9BHUwsGVR-Rv7kdz5rJs&cid=CAQSGwDq26N9-3fq7SpERF7vwJZjY-E7qyZaU1IK3hgBIAo&pr=9%3AAAABhd7LCC7Le_c-LbF1g2cWesL3lQNDlj9YoQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f154.1e100.net
Software
cafe /
Resource Hash
2c7a2f8718a894f838b62a497f94eee6e1bc0156012ea6a4a1e48520010895b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16378
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2730
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2085f087c46cc880637f3db18d9ff84e0456fc2f8a4a4633a7939d0564621cca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 234A
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 12:51:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame E376
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17951
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame E376
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:55 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 90D5
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 12:51:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame C06F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17951
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame C06F
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:55 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 5E97
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame AFE7
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 12:51:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 12C2
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17951
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 12C2
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:55 GMT
truncated
/ Frame 5E97
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fc838e727e61e0527c90ca35a033aab703e75e9c6d04046702210d6bd18745e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2263589ed89b297a57ab885c817e8c13cb0d3d36a581314298a39aafe2369c88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c35829b27cab8baa43d3fcab2264640c80df89151eee9391708049c39ddd368c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93cb5925a330630f84012b5d56afe97a04dfed609ccf3c73203ef570624ce821

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f18c40a3fd1a75d239b3598c66016b18faa6b559aafccc5aba1870fef6fb146

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0916f65ed64f655a33783c1340f634d26cd954009c0fbf5162784e68c529c33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87a26ed5fd2ef06513a60d162c6d4f0ddf062686222533f7321794343f0b5da0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E97
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1fa693d2cd4a5db2635ceb147f1aa0b5d4d75691c093bd8848e1e4a7b8449e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 14D9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
expires
Mon, 23 Jan 2023 13:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:07 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2730
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDxCp_YnOY-GjL96M9fgPmc2z-AuGyuWeXISB4PbOAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi01MjM1NzUzNDI3OTc2NDYwyAEF4AIAqAMBqgTaAk_QiomNQTHGP_f-qOzk6qI3L2WTryvE-0tBodMfdjezCVVxL6lCRYSiXF1RfytGMxwHpttNU_QtC_-EqSm-PsMgD4EoI_XUBFkn_XfJUNLJwE3D0YWIjsxM168GCKobdiVtZyksPOPoHqqP7HmTBzK680CeK49A2NgxGMPBtJ8QGrfe97_RYQmmAyklzTKCK1lE-GqPSAonZau5QdltThFMImRIeirOCP1WqabJKS45QM2swbtkXl0wpBmGyUtKEDeTiJAlTFd3G5e7NvMD9nZK_4OJj6fN_ARTzdwVFWvXWcfBsXzZ0MdXY1CzfySeFR6XGVkbB0U1U4ZPCnZMEN20IHxdT180t4tSQNpHDoEAihUBTFy6i048qAl5E_VATAO45J5xtts6cqoUiRLm5WSx8hIOf8cwIlgG6Cx9ebqYxj1-OjelVkYlXFXfsbGGvXn93Tari0rPMMPgBAGABsLa27_3m_noQqAGKqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTIzNTc1MzQyNzk3NjQ2MBiK0wU&sigh=KoAIXxjhDng&uach_m=[UACH]&cid=CAQSTADq26N914XUl_9fiU0KU3N4jYGDWoQcNGbNvMnxCodAA3K8PPsEZ4L0xAU47wlpBBRiJHOXgaol7FgTNzyrVtV69b2mWpPRX-r-HJQYASAT&vt=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

commerzbank_affluent_perspektive_300x600_v3_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/ Frame F8C8
116 KB
117 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/commerzbank_affluent_perspektive_300x600_v3_js.png
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1acf66d71a58cce9c392b41311d0b1a72298ebf1cd1f0712ec5555e431935da5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 20 Jan 2023 05:21:36 GMT
x-content-type-options
nosniff
age
288031
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119271
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:55:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 05:21:36 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 2730
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 08:22:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 08:22:56 GMT
file.mp4
r1---sn-5hnednsz.c.2mdn.net/videoplayback/id/d6d592b36afed1d5/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542020/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 2730
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/d6d592b36afed1d5/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542020/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r1---sn-5hnednsz.c.2mdn.net/videoplayback/id/d6d592b36afed1d5/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542020/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r1---sn-5hnednsz.c.2mdn.net/videoplayback/id/d6d592b36afed1d5/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542020/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0830CAB3A9637840C2B8C56513C492C9B19E5792.638DA4D7824FA0AB821C6544E09B0B15D4A51A9D/key/cms1/cms_redirect/yes/mh/1k/mip/2a03:1b20:6:f011::5e/mm/42/mn/sn-5hnednsz/ms/onc/mt/1674479107/mv/u/mvi/1/pl/48/file/file.mp4
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
2a00:1450:400e:11::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Mon, 23 Jan 2023 13:22:08 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1312966
Last-Modified
Thu, 19 Jan 2023 02:06:25 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 23 Jan 2023 13:22:08 GMT

Redirect headers

date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
650
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
location
https://r1---sn-5hnednsz.c.2mdn.net/videoplayback/id/d6d592b36afed1d5/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542020/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0830CAB3A9637840C2B8C56513C492C9B19E5792.638DA4D7824FA0AB821C6544E09B0B15D4A51A9D/key/cms1/cms_redirect/yes/mh/1k/mip/2a03:1b20:6:f011::5e/mm/42/mn/sn-5hnednsz/ms/onc/mt/1674479107/mv/u/mvi/1/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9B90
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstD7n-naqManLQJP6owpbmIEnONGJ-E6yizCqC33DTBr2LcUt4r4mYwv6DTj6XGVOEMZm9a_soqjng7OT_B7UwhiqdfyHi_S0y8hCvmj_e6nzYkVANLtrgR7pVgVRgfIkCzFSChASzSEbAQXzeICPlVmu8QMW0-XRltPoGohR83t0UqKjjmIR4OpHl6SWEHC9yv2Qb6JAfqubUyLlGnDLfjCQCHOWIc3Wo3Ou4nYXHRI2ODsgFos_6kmRMIj_eTGFm1AVcGfznIwVhS4ZHiOKyxAd5Lrcqxzo4mZPD2vmA1o0HypoPqZF_6zseZPBCzwlBzxblrS3uasTCqwh6jIy8c9xdymM5ZGHzuOyjNYk6Q1sZT1ng&sai=AMfl-YTVANfn-CL3PmPFr-z-e7Trc2V28kOoNfdDpR7q-J6u5vqC5iNRwq8lI3zG9f80YssqzxaaZc8T8llPvbNf1ChW9I2ZARPBQnuDTcZ-soQYPe7FwYepgHnBAF1WfR472O_QJCg2HXU6RhVGqs5DT4Y&sig=Cg0ArKJSzFHdeC_NQ1YzEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 13:22:07 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B35C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAI4UMZe2pg9hDRlnrezoQulwY1CeElwLOPj3PbodqyjZX4rM1VMOnC_RWT7XlnU_A0WrY2L-3eLMKd-O7EcM0NCDCbrXMW429ZeHcV1b8QAL5mrux0rw5Q1Sm_dpZGbvZr6LHwAqRPlEs0sJttSTKkk5v2iU6Fzh6ZGHoUBUb5bqeEGMgiPhu4Bw74ZM1iiP-NoTT9RMGY13bhqU3WaHwcUUtRFQqzDIyFr8BNpt21rqvaoaPAx9pKQ0EZPybun31jVW-G0CCHIN_zFD_kazHHY86DlaGkJz2CCKZx-8nsbOtUOveVvLjZDJ5lA86tRbr1vqNUamZ29TgaZABBzZQMq4_zYsIfvGCxJhzOH6xPUEPrM4&sai=AMfl-YRu-0y9H-3qtZZ8sFdyxuv_yO8vDTPPsNSs072REUlDY4azBhuKO1uMaY1LdBMyU4nX5GsFX94QwvJo3XCqt7pUxxC1h0d8g2HFhY9jlADmpnM4wrMkLkwjDdE-bKrc4mJwftjwRo6BLmes3LOJ7OI&sig=Cg0ArKJSzFJQvAfPiLa5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 13:22:07 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B771
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
expires
Mon, 23 Jan 2023 13:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:07 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9896
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
expires
Mon, 23 Jan 2023 13:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame A81D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
expires
Mon, 23 Jan 2023 13:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F8C8
30 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e2d0edad81d1e80cf1281c0bfd22761d1af8e9e7fe72bf0026ced4326cc94f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame F8C8
33 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95b3452ac86e83ba6a6beb3fb8541ba6611eed09ade37fa630d1a936129edebc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
38 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad934ad20c1854d2f78f9a30bd38d90cf32336d953f2fa31b510ebe954c435ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
26 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44e61cc406c936f5800d26fef8f75795624a8b2855929034b9cfb6cab6790a8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e527ed2aef39f2b9e64ae9ba09929961f15d93e35c16dcee8759f55214a982a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ed67d00b03ac454d09fe8823fd48765227f93e6b8a8a5e47a7ee6001f090ce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02e35fe3331082c58fac80f0b6fe2b319bbb6643d02d283f7a27985c02d16def

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0e017de0b96508b616df4a4f200585fee7df1100ebfcf06a2d77acbf63b81bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
commerzbank_affluent_perspektive_300x250_v3_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/ Frame 3EE5
80 KB
80 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4032645762797114999/commerzbank_affluent_perspektive_300x250_v3_js.png
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6866867696a98b0736707a8c2541821b7af25be5276ca8ac9de96025287e6183
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 22 Jan 2023 10:07:36 GMT
x-content-type-options
nosniff
age
98072
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82382
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 14:46:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Jan 2024 10:07:36 GMT
commerzbank_affluent_perspektive_300x600_v3_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/ Frame B4E0
116 KB
117 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11082872204613916311/commerzbank_affluent_perspektive_300x600_v3_js.png
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1acf66d71a58cce9c392b41311d0b1a72298ebf1cd1f0712ec5555e431935da5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 20 Jan 2023 05:21:36 GMT
x-content-type-options
nosniff
age
288032
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119271
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:55:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 05:21:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 566D
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F9A9
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:08 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 9B90
219 B
648 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.myjoyonline.com&callback=_gfp_s_&client=ca-pub-2500680891621702&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8f733e621286286772203c45042667f0f07153cf35044f2778bc52a60926078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
truncated
/ Frame F9A9
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6512d30c6c193f381db289292adfa044a6d33b0196db5303fc74bf3aa579f481

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 566D
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eba6aa12aa6e1e2f52a99e1ccd97e4d682c1669a51ea7464bb697c7d97d9716f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 9B90
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9B90
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B90
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&tn=DIV&id=smart-nav&cls=container-fluid%20menu-gradient%20desktop-menu&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame AF43
15 KB
1 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751418289&lmt=1674480128&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=6&bdt=753&idt=565&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&nras=1&correlator=8068862756404&frm=23&ife=4&pv=2&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.c43lynr10gpo&btvi=1&fsb=1&dtd=876
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02c2d41188e6fa43df6a6e273453b280775270f1db9199e770fa4d1ab8d73813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
1095
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9B90
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34e9183eb598c83892c0f4aa5de27874e7a070fff75ff5f4870a6d7e3c026961
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11005
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6766
103 KB
34 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49136a69959cf3fcbe625d01b4b1f6e9d08b3eaa58ff230d5f91f5e9bff21e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
34963
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame B35C
219 B
269 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.myjoyonline.com&callback=_gfp_s_&client=ca-pub-2500680891621702&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com&bust=31071714
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5f11b04ecabb3a1cd571f83991c1a54fb7533964fafbafb77cd2ab80f72200
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B35C
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&tn=DIV&id=smart-nav&cls=container-fluid%20menu-gradient%20desktop-menu&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com&bust=31071714
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame B35C
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com&bust=31071714
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B35C
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.myjoyonline.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com&bust=31071714
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 698B
15 KB
1 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751417949&lmt=1674480128&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=6&bdt=767&idt=659&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.1dek23ns65hx&btvi=1&fsb=1&dtd=958
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com&bust=31071714
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02c2d41188e6fa43df6a6e273453b280775270f1db9199e770fa4d1ab8d73813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
1095
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B35C
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com&bust=31071714
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d43d17e090174065f5ddea2c246df2786d72606f1717b49046f013adc1701ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11055
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F15E
101 KB
34 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com&bust=31071714
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0818ee22fedf28616433a9cc3acf32a81e826df3315bd538f9a2d1b20d55a667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
34568
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
commerzbank_affluent_passion_300x600_v3_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/ Frame 3BFF
86 KB
86 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18332568827419972199/commerzbank_affluent_passion_300x600_v3_js.png
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3db49d4f1467e70f1e51314336439550ec6678f9cf932d56bc37d7b816999df8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 23 Jan 2023 12:11:11 GMT
x-content-type-options
nosniff
age
4257
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88009
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 13:55:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 23 Jan 2024 12:11:11 GMT
commerzbank_affluent_mut_300x250_v3_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/ Frame 63E9
61 KB
61 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10271607261087679227/commerzbank_affluent_mut_300x250_v3_js.png
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d17a78f4d9779ae7353e2f0eb56d6d3b57eaf1bc2d3e4beb482ae693b00b37b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 19 Jan 2023 18:41:26 GMT
x-content-type-options
nosniff
age
326442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62324
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 14:46:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 19 Jan 2024 18:41:26 GMT
commerzbank_affluent_passion_300x250_v3_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/ Frame F93E
58 KB
58 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11699188833985797144/commerzbank_affluent_passion_300x250_v3_js.png
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b5a2bb689f35dee671ce481c1a4eef5ca841fbffe7cad9c6518862d174054eb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 19 Jan 2023 12:56:54 GMT
x-content-type-options
nosniff
age
347114
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59456
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 14:46:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 19 Jan 2024 12:56:54 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 234A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
expires
Mon, 23 Jan 2023 13:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B34D
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9ACB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNC4jhRavwzVZkWIYxyCLKimvueyWhXvJwEfqwSuv1F6fxm_1AmObLnr-ilxyCY5yAHh1V8cz8QGa66WC-Kjw_0PFTl2_JZrRkxpypn-U-IEiysns5v-mjhmPJK67IZd-s3NSVTlu_wpFS2CTyEf-wwXTjzkCjUuYX2QvggUFFyfshZFvrWxVfhtqwlUsoL2MivqSAxm0vK92iOb0gHh9-vqk53OK0NSgtwBoulKL-k_Tw-0MYOOC4TVsIgDMzoDKBvnLynGFHHZJSV2294C4hvs53fWi9egycgfAV3iZSotI4GxjbytpW-cudc3PgwVq-0gcVO9bMUy9av3gfimGK4c6rFuuBGsHwykcBuh8dBySumbM&sai=AMfl-YRORg1WxK-3u0yr_T4URCBcHGmdPYR10sBKE-BNGo5bqQknMPNlvb8zYIQJzckwCFLmyRwjLGdA69hrESdoWi5hM5OUzxZ5pjssmAToVhpLnA1UVe9JJtVjKaZIu3VujbSJyLu_A-7DPf7dqgze_UM&sig=Cg0ArKJSzPhUvUa_kPFJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Jan 2023 13:22:08 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 90D5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
expires
Mon, 23 Jan 2023 13:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame AFE7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
expires
Mon, 23 Jan 2023 13:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F8C8
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b38e47a0754cf33284eff286bd4a4b4e42bb75a1acebd2dd5a7589ca1d952ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e35bc74cf7e4af128e2bb83ed004693fd139abbb97c13f4b86b763802627965c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
347d077a1c34270efa6d6f8ef73ebc1fede681e42cff5cc392a88f573bb3b4eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9550654409f5e615f24c4f16d0323ac364e0ff1072f20eb18da70f146d53547c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ef93d501cce74569911272792bf7836af546536d914ca1b87de59e4aecf63ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a29cf168c7fed359190bde8541bc52ce4d3713e72b482a65ee882dce6a225374

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee0358b12d512e90cd120c27f96a4ff913c23c5a4f810ea5f9258ce03dadfac4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dbe5bdc0102e824f9f2a8b804a696f4b9b68459ed1a4f15516ff90d78c5f6fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ff1fd08b88f47dbb00f5a47a4686025700574019e591f2237a4b1a64a78aeb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B34D
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31df1daeccab428602da1dd8051150c56f19eadd86ffa37db4cb0db1eb0941a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F8C8
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d32658fc01cb3bf428d18cf7912eb29f7f6e2902674775c65c9411f6cb2e9e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame E4D5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvatuGHqoKkhnM_yfRAFdsY51kLjn6VYjWN6klmdO3Bn0g-Ah-bSD_jX5VIhqoHYnegaDNujX9pMIBuleGpRcqh71GAJhwEobE3wtakYypP2n7xAxs7&sig=Cg0ArKJSzLilfZxGgCwvEAE&id=lidar2&mcvt=1306&p=80,315,330,1285&mtos=1306,1306,1306,1306,1306&tos=1306,0,0,0,0&v=20230118&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=217630568&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674480126369&rpt=691&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E376
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:08 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D2AB
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8VNO5WgnbENNj2hM9lp1qvoK4sCX5_0duDCaIwP8Q28Fxs3aNyioopprb0R1EJdvwPMYMsSSv_Ih-_KuJX9M55ixevfZGXmoTZ8wiA-K3GPYB6dG5&sig=Cg0ArKJSzEfw47h2kkIkEAE&id=lidar2&mcvt=1224&p=646,1005,896,1305&mtos=1224,1224,1224,1224,1224&tos=1224,0,0,0,0&v=20230118&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=841315098&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674480126390&rpt=769&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame EB57
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
83771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Jan 2023 14:05:57 GMT
expires
Mon, 22 Jan 2024 14:05:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame F8C8
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C06F
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 12C2
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:08 GMT
truncated
/ Frame E376
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
836e3799af3ff01423838e23f10986a839509db5bd96ba941676b9102ffd42f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C06F
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
643e8f1ab15544438a2b3e78f309c24ea1703590eb2f194b2316181fe067ce7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 12C2
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e65e514deb1b2440cd10ac345a073a959cdd4d713889c9abe03bd4b67af56d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 9ACB
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9ACB
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 997F
15 KB
1 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&adk=1812271804&adf=2751417939&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=4&bdt=900&idt=445&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&nras=1&correlator=5654113976534&frm=24&ife=3&pv=2&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.v0gxl9v55dyn&fsb=1&dtd=933
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02c2d41188e6fa43df6a6e273453b280775270f1db9199e770fa4d1ab8d73813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
1095
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9ACB
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96d32b81e5b0ef35f87ce1153d4ba9f8047c873f66f4f28b2c5a05c009794ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11053
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F736
98 KB
35 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7b1e6ee879f585d048b6605c5044e1b2ff00fbc1d3987de6fc169eccab8a804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
35680
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3EE5
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c93dc84049ced06257c79f0b114862380a1964936f843f7c962076b4e107d58c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
992 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
650da9e6f05c29b40c5cf21e4ce0a863c81e6ea5234b23f4d9b93b51dc6cfc56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
852 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5ec9d53f8d82f9d59a8e9157c213b7b9cf49ef83d6e068e22f63238f195aa15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea19606333339c1f788ee53fde82a94ed6d164673abe2e5939fd3aa081ab53eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44b34578989a08119535b5c54623cab8c70a3ed38106e766784108ea3bd06949

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
56 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e32b7c077a545e3ea7f97d38d5246474178e97c2bf99919960c7a92609aa506e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 3EE5
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb62c6d71dc6f167d5af0be1f0797652b5f318f0d2d15c7aa0291b6553e3a048

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dd050c99336bc560137e02ce87de80b8d105cc0ee0543f99272af36c30f27d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
30 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e2d0edad81d1e80cf1281c0bfd22761d1af8e9e7fe72bf0026ced4326cc94f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame B4E0
33 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95b3452ac86e83ba6a6beb3fb8541ba6611eed09ade37fa630d1a936129edebc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
38 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad934ad20c1854d2f78f9a30bd38d90cf32336d953f2fa31b510ebe954c435ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
26 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44e61cc406c936f5800d26fef8f75795624a8b2855929034b9cfb6cab6790a8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e527ed2aef39f2b9e64ae9ba09929961f15d93e35c16dcee8759f55214a982a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ed67d00b03ac454d09fe8823fd48765227f93e6b8a8a5e47a7ee6001f090ce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02e35fe3331082c58fac80f0b6fe2b319bbb6643d02d283f7a27985c02d16def

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0e017de0b96508b616df4a4f200585fee7df1100ebfcf06a2d77acbf63b81bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
38 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad934ad20c1854d2f78f9a30bd38d90cf32336d953f2fa31b510ebe954c435ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e527ed2aef39f2b9e64ae9ba09929961f15d93e35c16dcee8759f55214a982a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ed67d00b03ac454d09fe8823fd48765227f93e6b8a8a5e47a7ee6001f090ce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02e35fe3331082c58fac80f0b6fe2b319bbb6643d02d283f7a27985c02d16def

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0e017de0b96508b616df4a4f200585fee7df1100ebfcf06a2d77acbf63b81bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6a63c56ef9afea0434a45aea5b17b3bd9731bfd2f1aa98bd588d481345fe0e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 3BFF
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbdbd5e3aec40a38eb3508b3ff8e1b2478e00c515108f4a46402db08c72f8445

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb63ea01905ce48550a69f026781efea4d406b3b0e99be21e1609f4c96bc09d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c93dc84049ced06257c79f0b114862380a1964936f843f7c962076b4e107d58c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcfd81c9426baeb3821d227a40cd765d3df097fbb0df64913f7bdd414bf4a3a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
992 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
650da9e6f05c29b40c5cf21e4ce0a863c81e6ea5234b23f4d9b93b51dc6cfc56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
852 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5ec9d53f8d82f9d59a8e9157c213b7b9cf49ef83d6e068e22f63238f195aa15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea19606333339c1f788ee53fde82a94ed6d164673abe2e5939fd3aa081ab53eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44b34578989a08119535b5c54623cab8c70a3ed38106e766784108ea3bd06949

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
38 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e27baa66e35f5d5adc061e7e1dde7ecc416a7ae08a15b8e0c6f36e7a2557e5a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame 63E9
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3062de421ab0dcb3f282bbbda8049e7aa250ef25eff9a9683e36c3108ee93d24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
34 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81cc7fd7df22e0e62e9fe6cc340361b2287a93752604e162440708e12712e39f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame F93E
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48041bcb6dafadb3ecb47aacfec7f5e0e43262f9c6046c28460a38c51caeb8c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c93dc84049ced06257c79f0b114862380a1964936f843f7c962076b4e107d58c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcfd81c9426baeb3821d227a40cd765d3df097fbb0df64913f7bdd414bf4a3a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
992 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
650da9e6f05c29b40c5cf21e4ce0a863c81e6ea5234b23f4d9b93b51dc6cfc56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
852 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5ec9d53f8d82f9d59a8e9157c213b7b9cf49ef83d6e068e22f63238f195aa15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea19606333339c1f788ee53fde82a94ed6d164673abe2e5939fd3aa081ab53eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44b34578989a08119535b5c54623cab8c70a3ed38106e766784108ea3bd06949

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
file.mp4
r1---sn-5hnednsz.c.2mdn.net/videoplayback/id/d6d592b36afed1d5/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542020/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 2730
1 MB
1 MB
Media
General
Full URL
https://r1---sn-5hnednsz.c.2mdn.net/videoplayback/id/d6d592b36afed1d5/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542020/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0830CAB3A9637840C2B8C56513C492C9B19E5792.638DA4D7824FA0AB821C6544E09B0B15D4A51A9D/key/cms1/cms_redirect/yes/mh/1k/mip/2a03:1b20:6:f011::5e/mm/42/mn/sn-5hnednsz/ms/onc/mt/1674479107/mv/u/mvi/1/pl/48/file/file.mp4
Requested by
Host: cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
URL: https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:11::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
be9012b0360c89cf45f6469fa51b491796f4fd5564b93c2c24256451f9db1310
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 23 Jan 2023 13:22:08 GMT
date
Mon, 23 Jan 2023 13:22:08 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1312965/1312966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1312966
last-modified
Thu, 19 Jan 2023 02:06:25 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
client-protocol
quic
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9B90
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:09 GMT
truncated
/ Frame 3EE5
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c35829b27cab8baa43d3fcab2264640c80df89151eee9391708049c39ddd368c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93cb5925a330630f84012b5d56afe97a04dfed609ccf3c73203ef570624ce821

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87a26ed5fd2ef06513a60d162c6d4f0ddf062686222533f7321794343f0b5da0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1fa693d2cd4a5db2635ceb147f1aa0b5d4d75691c093bd8848e1e4a7b8449e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64717556df2e07ac4f05802eb53909e17db19b8e174dd6dce31347477e1ca854

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2efa73a622b8782e93c6c2d2e8104860cfa688382f2fb00520c0ad32794cc199

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed5b49fd22e45cda66721a93e279a4e5833c72f7097352a444a785d922f13190

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3EE5
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16c9afb6ed90fb117a2f1f162e5d2db74efddb6e71d75bdf2009c176ead53cdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B35C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=www.myjoyonline.com&bust=31071714
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:09 GMT
truncated
/ Frame B4E0
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b38e47a0754cf33284eff286bd4a4b4e42bb75a1acebd2dd5a7589ca1d952ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e35bc74cf7e4af128e2bb83ed004693fd139abbb97c13f4b86b763802627965c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
347d077a1c34270efa6d6f8ef73ebc1fede681e42cff5cc392a88f573bb3b4eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9550654409f5e615f24c4f16d0323ac364e0ff1072f20eb18da70f146d53547c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ef93d501cce74569911272792bf7836af546536d914ca1b87de59e4aecf63ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a29cf168c7fed359190bde8541bc52ce4d3713e72b482a65ee882dce6a225374

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee0358b12d512e90cd120c27f96a4ff913c23c5a4f810ea5f9258ce03dadfac4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dbe5bdc0102e824f9f2a8b804a696f4b9b68459ed1a4f15516ff90d78c5f6fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ff1fd08b88f47dbb00f5a47a4686025700574019e591f2237a4b1a64a78aeb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B4E0
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d32658fc01cb3bf428d18cf7912eb29f7f6e2902674775c65c9411f6cb2e9e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
11136232885258361822
tpc.googlesyndication.com/simgad/ Frame F15E
58 KB
58 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11136232885258361822?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkbNpIfbBzSVhtBecu9R7kPxQfCvQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c30ebef8622781f744afe92f1d1cc8678eede9f0dc43a2abdfb351474659f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 18:49:47 GMT
x-content-type-options
nosniff
age
498742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59271
x-xss-protection
0
last-modified
Sat, 18 Sep 2021 08:24:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 17 Jan 2024 18:49:47 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame F15E
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F15E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame F15E
67 B
98 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 20:30:09 GMT
x-content-type-options
nosniff
server
cafe
age
60720
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Mon, 23 Jan 2023 20:30:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F15E
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:55 GMT
l
www.google.com/ads/measurement/ Frame F15E
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2u5D9NkpeHGdgVku3gSUPhXRhrKOIWinwRHs_C9VoaGODMLIun8oaEJlHq-w_HCh74--L_0LcWFFWMwruXTBF90EdhA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F15E
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:09 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F15E
33 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8651a1012bb35c2683162251b75438c3710bb12cf07288ef9322c271c44826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 12:39:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
2561
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13507
x-xss-protection
0
server
cafe
etag
2920471824528828230
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 12:39:28 GMT
5522658930454909180
tpc.googlesyndication.com/simgad/ Frame 6766
20 KB
20 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5522658930454909180
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28d276bc894cfd3cbf6bcb2c8245d566227df7e5f828932b935b715bfad0c17b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:14:25 GMT
x-content-type-options
nosniff
age
274064
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20225
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 10:12:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 20 Jan 2024 09:14:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 6766
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 6766
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 6766
67 B
98 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 20:30:09 GMT
x-content-type-options
nosniff
server
cafe
age
60720
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Mon, 23 Jan 2023 20:30:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 6766
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:55 GMT
l
www.google.com/ads/measurement/ Frame 6766
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaReRDk9AxNBaUX-pdexXvY1VKxC0htanhLbirpQhOtUwxp3IYoMI8eG8Dko7jwLVz2-cwX3zwpupjw3pXHlrupU1u6AkQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6766
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:09 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 6766
33 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8651a1012bb35c2683162251b75438c3710bb12cf07288ef9322c271c44826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 12:39:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
2561
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13507
x-xss-protection
0
server
cafe
etag
2920471824528828230
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 12:39:28 GMT
truncated
/ Frame 3BFF
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9550654409f5e615f24c4f16d0323ac364e0ff1072f20eb18da70f146d53547c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ef93d501cce74569911272792bf7836af546536d914ca1b87de59e4aecf63ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a29cf168c7fed359190bde8541bc52ce4d3713e72b482a65ee882dce6a225374

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ff1fd08b88f47dbb00f5a47a4686025700574019e591f2237a4b1a64a78aeb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d32658fc01cb3bf428d18cf7912eb29f7f6e2902674775c65c9411f6cb2e9e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71c602a16b78bbeaacfe42eb8aa44decc029af0b2354c51e48006e0cd49aeb0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65c9043c2813ed372e81cf54ce9b7008a347a658acdf6873c313aa7a3be96a0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bc8335d5923441bd343530244d911522aca7019631c749ceeac96370d4ceaa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5af49e8a4b70e3c46dab9564cd55efc07ddbe8247e1bf8646d6b1c79f5e2b211

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3BFF
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23aa272969efe7620a7945e78d0de698004ec06b8882fb500cfacac8a6d76810

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c35829b27cab8baa43d3fcab2264640c80df89151eee9391708049c39ddd368c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93cb5925a330630f84012b5d56afe97a04dfed609ccf3c73203ef570624ce821

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f18c40a3fd1a75d239b3598c66016b18faa6b559aafccc5aba1870fef6fb146

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0916f65ed64f655a33783c1340f634d26cd954009c0fbf5162784e68c529c33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87a26ed5fd2ef06513a60d162c6d4f0ddf062686222533f7321794343f0b5da0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1fa693d2cd4a5db2635ceb147f1aa0b5d4d75691c093bd8848e1e4a7b8449e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37b9a627674745ecd071e8ec6c13a61a868d34579812be5ccfb4ede29f863396

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 63E9
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b2a799b6550ce9540544ad8167eb69afca6b4478a996146262f63e077bc3d55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
get-advert--prebid-
fundingchoicesmessages.google.com/f/AGSKWxWPSmLqvXJ784wA171DE74jjXNS5iz2u3z1kU_i2lZcAbaFECtk8twtI4M-1WfrNpUN8E5BWh7ZUoLeZrGF4lbq3uurLbuzru6M9XTFq1IgHSt8jsWHCUjcPIqOzclz0gSzlVyeki1PWXyOzlQ0yaeu1LjnJ...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWPSmLqvXJ784wA171DE74jjXNS5iz2u3z1kU_i2lZcAbaFECtk8twtI4M-1WfrNpUN8E5BWh7ZUoLeZrGF4lbq3uurLbuzru6M9XTFq1IgHSt8jsWHCUjcPIqOzclz0gSzlVyeki1PWXyOzlQ0yaeu1LjnJN0qtUX6zpsg-LSvcxGP_62pqYAAHuxd/_/ads/beacon./adborder.-peel-ads-/get-advert--prebid-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9d0696d92d7edf43076ee89d8084a9389c728b94a31bfee4c7305dde4bd57e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pVAsAovti5AY4dg80lKJtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-pVAsAovti5AY4dg80lKJtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7554638629f44ea08820074cbdce3e340089e8e3e619f3f9f5f501fd77e38dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49703
x-xss-protection
0
server
cafe
etag
13197908095155989352
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Jan 2023 13:22:09 GMT
AGSKWxWmMiSlbYCPlBCdA7RImhiwPgJhEAzrHNlSImFggaerjCK06nWUmxPZ8qorOKujhzT6qg-owhqGzYS_AInteQhAQ4yBJUREIBKwKxnYm_0eJnu4SyLL8NiCDye56V85q2JT3X-Q-g==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWmMiSlbYCPlBCdA7RImhiwPgJhEAzrHNlSImFggaerjCK06nWUmxPZ8qorOKujhzT6qg-owhqGzYS_AInteQhAQ4yBJUREIBKwKxnYm_0eJnu4SyLL8NiCDye56V85q2JT3X-Q-g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-L90DNfTHDzFWPXhzO4oCGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 13:22:09 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-L90DNfTHDzFWPXhzO4oCGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.myjoyonline.com
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F93E
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fc838e727e61e0527c90ca35a033aab703e75e9c6d04046702210d6bd18745e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2263589ed89b297a57ab885c817e8c13cb0d3d36a581314298a39aafe2369c88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c35829b27cab8baa43d3fcab2264640c80df89151eee9391708049c39ddd368c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93cb5925a330630f84012b5d56afe97a04dfed609ccf3c73203ef570624ce821

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f18c40a3fd1a75d239b3598c66016b18faa6b559aafccc5aba1870fef6fb146

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0916f65ed64f655a33783c1340f634d26cd954009c0fbf5162784e68c529c33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87a26ed5fd2ef06513a60d162c6d4f0ddf062686222533f7321794343f0b5da0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F93E
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1fa693d2cd4a5db2635ceb147f1aa0b5d4d75691c093bd8848e1e4a7b8449e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 3EE5
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame B4E0
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E6E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmAz4oAACnTxFi9-95pMhtWvAhbt9qUEP_aIbOX_ajX4YdXnCAv6i5k7mLJ5W4SjO7MaoPDA0qwwRy3GggN5aknP7fMY7613I2a18DcVtKMIJhaCHGVN1s-8KQvBOblBFPOHitppNDKowrA-Fn7cOZbexdOCQAgcYwVL8y3jJ_036IlLc1BVVATFk6tUBOEx0YX0virWnw2rHXHLuZzY5IM1dv4SSf_1GGjO2Ylt_lO4B4qWXZIarWXpNhPfZwxxVz5aEV2ou7OjvsEf3UeYPoF0CmTeQ2yBNi9EtQzoZATwIXx3hGx-fL-tXeYc3muiVSwNOKvnyutSgUGz03fyPpRCDAzH_Aq1pJpnKnzPxpGOUT5AFBAEQZCdbCcahX12brEUGkDlxY1Qcg4oq3XsVI96KSie051xVs6ZItgdcTzh2HCNl6zlrCDfRLgfBoeGVSxEXeK82pJSojx5eRk5inDYYIHVP06aCmryRfCTEX5pzytkZSoAo9lAjky6FQd7IzN0xYNyj8UewltDb5PyddQ69hf9kH1hyPU60gXKiTkHHd5zKEBQG4ze8n8C0jsAUvyecsuvI66aQtGvPT4WJnZJ_wzt_xQxa3L3oCnAgfrxbDlfMbv4FypcwGiQK7-b69vBCmbm5SalUjMXxcfRsFbXq9LPEpFDAwc5q6-SfuGze6oHxoPdJSNCSZ0nFJULRlUec--e0wutgbq_6pMSSH22SVfBgfKv1cUH52gT1vMPKeUHkLvjnLtxRLhYvvHcz5iPqB9zB3nSUIRQRslnxOM5GPqXFejoph2U4lYmWZRQu7W01YIemENTV8tdDNNqguie6daNTtZkOjKHZane8qSJpBAzDmedYbwYE92xxj_abptHMaC_PNToqitULTr7z107fDIcobJqKSGWr4BuFWCFj1901j0RZO0dh_uc-JtKIUpbHt78uX8_okJ8a3YDMR4HnIcuW0ihpwwiFLqEVyLJa5CXJuUFvG7NUV8TEdyhyynx6WPgr1II9Lya2lhcByiHDI9d0uHogaTnRM0KltRW2-UgDg5_xj3I7CcvrO2whd7Vjiis3bBnuGnrHLrvnWOUzLe-nx245TW8JggyRU3qTE0ctfCWr-40Dlq_LEmyT6oaUeSeXxTXJGbbUz7Fm1PKvYZglaReeHFwiZ5ldJwk8I1cZW56hsFivLPDaZjyOGAk67kIVgQMXt0LH8_sLIVIzjXgZE&sai=AMfl-YREPwhjZfBvn7ZgLW4n_XOknpON6IhKiNRl0uakKocw-Yi-yceGMM49J4t-nZH1KrvzWZVq97qrVky5hL_SH5bXrbVwRBXfnAwDfyHqAyMdjLQloUKxvGmPVRZS9FGyuRp-o6xjJZRQDhiNAIINfOmg9GShoqNEs9_w&sig=Cg0ArKJSzGv_i3KPYVRCEAE&cid=CAQSSwDq26N9S4YUdO3BYO9XW3OtLTJ9t7Q_dTD-KrgRL8w9E-m2DGdJ2B5ZMBfptCzTJIYpOcNLc509WvRs7xYSTHvfgxea3YY2yF46phgBIBM&id=lidar2&mcvt=1393&p=920,1005,1170,1305&mtos=1393,1393,1393,1393,1393&tos=1393,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=41891436&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674480126164&rpt=1737&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame F736
8 KB
895 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Jan 2023 13:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 12:07:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Jan 2023 13:22:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F736
2 KB
776 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:55 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame F736
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
server
cafe
etag
4731094640903799552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F736
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
17953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F736
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 08:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
17954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Feb 2023 08:22:55 GMT
l
www.google.com/ads/measurement/ Frame F736
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSLMz23Eaq8wNiBzZDKRvJwfRD57TgaTyr08HY86Bc9GvqSuOpfnw3bey6x1uDIFOUqLxaY54flgZB_kr7I7riNTvvyVQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F736
155 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:09 GMT
4486906364f6b2babc33c791099553dd.js
www.gstatic.com/mysidia/ Frame F736
33 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4486906364f6b2babc33c791099553dd.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 04:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14016
x-xss-protection
0
last-modified
Wed, 18 Jan 2023 00:06:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 20 Apr 2023 04:31:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F15E
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cw0S7AIrOY6DrD8OY1wa2w5PYDOTtreBtitaTh-MO29keEAEg3oifK2CV4pCCoAegAeef07cCyAECqAMByAPJBKoEpwJP0JPykhZurN829Yn4JcJ2kj3qGnjoVzx_VpyOqHN4oVJpOHuimIo36kSRe0rtNSwuKmyFpVyaDG1ByInDKLoI2T-x8TiCnM5DLhXVZ9quVVnwU5t8gWm_vU35MdxyaIrDn07OzjrXcB3HYbESXqRPg_xZQav3TxQVdtdum5V29sRPCUMnSo2Zx5YD4qFBi9-ae_eeH3U8jO8p6CIeuCAULu0fn-_GMonSuDPyVQEo7zH_wKAlPpVw-O-0LHHaO_CGiLf453h9c-ronA17xurYHqcpDdBOvHPphml_u02jkC5Z5LEdGNiIbDgUY1smqkFNrpExiueKt7LS_-3dH0QsXY69T4AOY_ZcitaMnnyCAMMESFw8sZHQaZ1tSxbFvkbNensnRUoKwAT0qqby-gOSBQQIBBgBkgUECAUYBKAGAoAHre33yAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDx-QPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0yNTAwNjgwODkxNjIxNzAyGAA&sigh=8s7Fe7peJe4&uach_m=[UACH]&cid=CAQSPADq26N9N0ZnnqRkAs96G7xS2tKLYrIGEIGBebNZodTwhOUbBqptqQ5xGrMOPToU9-ScgckQw30WOpSpaRgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 23 Jan 2023 13:22:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 3BFF
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 63E9
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame F93E
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9ACB
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2500680891621702&plah=cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B90
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-2500680891621702&warn=13&w=300&h=250&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20230118_093439&sat=1674414589442&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=1&alldns=1&allp=43&pgh=250&abl=false&rr=n&su=www.myjoyonline.com&pvc=3280936135904142&r=0.1&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F736
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-jWoAIrOY86-HoXC1wbG6ptwrfGhxG6x2vym8xDc2R4QASDeiJ8rYJXikIKgB6AB7ceKhSnIAQmpAlNuIrwJT7I-qAMByAPLBKoEhgJP0HisfH_TMCwJKCHbeDhR-L5CII7yaToAbRZ3DXgCwHjCMnOeA2pXj6ZRCpp-A6cG65mlcjO4Q5-p_qFoxP0Rm60y5xSB0ZXlWg6udgDB4iObXhj-5VNCmadE9rLdzB8byolyargrGopAmCPO9bX1CEL-UZ8QNgP63Q6jLPdWetOsSn5h0qXYFuqpTvU3ZQj19ZeCl4mz9IV_qv-w3CBhyfMgUnZKl9xKe42Z7MflbZEyVkMt5IaW5G0p5zqvVzfYyiwov0kAF6vKhnng_bqbtVZau5Tx-xFOCH6AT1jTjZBCyc-rMsaePZUPNl9MjDT9wT5A2ssksVatWcZt_OPleVSJ_5wowASs4oCwnASgBi6AB-3_2uQDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ8u4G0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItMjUwMDY4MDg5MTYyMTcwMhgA&sigh=9dqjMdW6AL0&uach_m=[UACH]&cid=CAQSKQDq26N9oBi7LdMzlohzlqZ_ZFWJj941GB_GcPuLrq4Z2RLZeFmtMwlVGAEgEw&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 23 Jan 2023 13:22:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 6766
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUk-JAIrOY_uUDcXAmLAP1eOMwATStO_Jbtj707v9EL_Zor3AARABIN6InytgleKQgqAHoAG2xue5KMgBA6kC7-BpnT9Nsj6oAwHIA8kEqgS3Ak_Qg2uRa1nQmefMTdPN4kFX42MgFInw0O4qZl_egPCqr_mAsQ4bk2_8H2IRmMXYy5cxXg-FIlMYMHkx0n7QrlXk29rE2aysdOzjUCG9G0_oM4SnKPw13HVxQYD_R5hqI7yl65GRDSvXAl5VcLPAjvIK7HGgLBFRL-j4lqsLKc5ogRq5LNr5YKP4nYiKV1YknhVneIIZyLjDSI5MmTtYWPzl5MBx4Wwbm6niES4jRcwxeFGWvwLOAMxLl6uhbBaj-kG3on16yKvthOUxkc_7cA813oq1g5WXiZK_Dt6vG0amlhshlHTC9vHrodX-rd08jmP0Z_jultn7J7O1DPig6Wvxg65Dmvz565U4-6Y0DGUXpOc5kR-2eYsbNnb6PItQbZiZqbdQCraC31RNujpM_nBPGJ7t4tzTwAS4qe-FlQSSBQQIBBgBkgUECAUYBKAGA4AHtv63mQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDkswXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0yNTAwNjgwODkxNjIxNzAyGAA&sigh=g3sZNIU2h-E&uach_m=[UACH]&cid=CAQSPADq26N9whPOA1zSDqQBpZ2yT9g62JVU2xLiV8fVOXibphlQm5HOLnznT6nk8X3XSoL2bRvNoWTmremfsxgBIBM&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 23 Jan 2023 13:22:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame EB57
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
truncated
/ Frame F736
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F736
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cc7088b335b30f7b1fa0903bc8aa143b11cb8408032d62d28d5ab768cc68c88

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B19C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
190754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 08:22:55 GMT
expires
Sun, 21 Jan 2024 08:22:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3E02
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
69dde83cac1a0faeaebb0fe5b2bba4e2027eb337be8ca2d76b506e92cc03c856
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z9qln3PlUAsld8jhmssRQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-Z9qln3PlUAsld8jhmssRQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:09 GMT
expires
Mon, 23 Jan 2023 13:22:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
s
googleads.g.doubleclick.net/pagead/drt/ Frame 53FE
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 12:51:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 20DE
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 07:57:21 GMT
etag
48472445140208031
expires
Tue, 24 Jan 2023 07:57:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CE21
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 07:57:21 GMT
etag
48472445140208031
expires
Tue, 24 Jan 2023 07:57:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC55
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
190754
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 08:22:55 GMT
expires
Sun, 21 Jan 2024 08:22:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7F64
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8b00a4d6db9c00ec418a673405c9c3fcafa42fd838b2d94e1f594e0f8022a8fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZW99vDTdGWzdOzXCE_QluA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ZW99vDTdGWzdOzXCE_QluA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:09 GMT
expires
Mon, 23 Jan 2023 13:22:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AGSKWxWmMiSlbYCPlBCdA7RImhiwPgJhEAzrHNlSImFggaerjCK06nWUmxPZ8qorOKujhzT6qg-owhqGzYS_AInteQhAQ4yBJUREIBKwKxnYm_0eJnu4SyLL8NiCDye56V85q2JT3X-Q-g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWmMiSlbYCPlBCdA7RImhiwPgJhEAzrHNlSImFggaerjCK06nWUmxPZ8qorOKujhzT6qg-owhqGzYS_AInteQhAQ4yBJUREIBKwKxnYm_0eJnu4SyLL8NiCDye56V85q2JT3X-Q-g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cDGfU0BMq4wp-sWDz12ykg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 13:22:09 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cDGfU0BMq4wp-sWDz12ykg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.myjoyonline.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F15E
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6fb787f393b2686b259555ee26fb1def728fb0a603fbe4b8509dd5af0b6912eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6766
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fc4be8b0e578bb98b93d13fe8234e936639e1adcfefd8d3123fd645ec344ca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5471
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
190755
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 08:22:55 GMT
expires
Sun, 21 Jan 2024 08:22:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3ED3
783 B
537 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
93465d6013f42c5d76159e93fc759ac3ae5e61bf3dc722b31b691509adcce35e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5yRh_jgUkJpBiSXq0xF95A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-5yRh_jgUkJpBiSXq0xF95A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:10 GMT
expires
Mon, 23 Jan 2023 13:22:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AGSKWxWmMiSlbYCPlBCdA7RImhiwPgJhEAzrHNlSImFggaerjCK06nWUmxPZ8qorOKujhzT6qg-owhqGzYS_AInteQhAQ4yBJUREIBKwKxnYm_0eJnu4SyLL8NiCDye56V85q2JT3X-Q-g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWmMiSlbYCPlBCdA7RImhiwPgJhEAzrHNlSImFggaerjCK06nWUmxPZ8qorOKujhzT6qg-owhqGzYS_AInteQhAQ4yBJUREIBKwKxnYm_0eJnu4SyLL8NiCDye56V85q2JT3X-Q-g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PgSpcPGy1ffdw7sc_v6FNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 13:22:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PgSpcPGy1ffdw7sc_v6FNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.myjoyonline.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWmMiSlbYCPlBCdA7RImhiwPgJhEAzrHNlSImFggaerjCK06nWUmxPZ8qorOKujhzT6qg-owhqGzYS_AInteQhAQ4yBJUREIBKwKxnYm_0eJnu4SyLL8NiCDye56V85q2JT3X-Q-g==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWmMiSlbYCPlBCdA7RImhiwPgJhEAzrHNlSImFggaerjCK06nWUmxPZ8qorOKujhzT6qg-owhqGzYS_AInteQhAQ4yBJUREIBKwKxnYm_0eJnu4SyLL8NiCDye56V85q2JT3X-Q-g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HZG88E3nBK_c1-EncYdegg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 13:22:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-HZG88E3nBK_c1-EncYdegg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.myjoyonline.com
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWVgU8tvQxUFLD_bM4Jvrl14kmiOc7Q0DoZEQlVwPggM9IMsGYmEaC3lxh5AawaO-DIIv0i200syB_zjJHdv0novKAW6S_RzbXK7wHEot-Uf0Ags_lqNhlZzgAVQBvrBoSU1t0bGA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWVgU8tvQxUFLD_bM4Jvrl14kmiOc7Q0DoZEQlVwPggM9IMsGYmEaC3lxh5AawaO-DIIv0i200syB_zjJHdv0novKAW6S_RzbXK7wHEot-Uf0Ags_lqNhlZzgAVQBvrBoSU1t0bGA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc0NDgwMTMwLDE4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm15am95b25saW5lLmNvbS9jcnlwdG8tZm91bmRlci1jaGFyZ2VkLXdpdGgtNzAwbS1maW5hbmNpYWwtY3JpbWVzLyIsbnVsbCxbWzgsIlZRWnBPTk5LYTVzIl0sWzksImRlIl0sWzE2LCJbdHJ1ZSx0cnVlLHRydWVdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a45d82b764c0bdfe0ee98ccb12cdfa22b69d049b3d6e4cb925b92722cc611263
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-GDZ9Ju4FPzHlhY72SJwz6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-GDZ9Ju4FPzHlhY72SJwz6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 740E
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19489
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 07:57:21 GMT
etag
48472445140208031
expires
Tue, 24 Jan 2023 07:57:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F736
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca6c16c6013cfe412256750240a45fca92436f20394d5a931b5925431467e4e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 20DE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDwdeTuRCYWsVjUxmRcxQiQ&google_cver=1&google_push=AavPq0N8G9t4YJo88Z9n2TV_0haIERAlg1raLNaLqAAjXcOkKh-lPIpG63GRTD5oQ3Qd0fo3B6g6A5Y6Ds3Ndlbz...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0N8G9t4YJo88Z9n2TV_0haIERAlg1raLNaLqAAjXcOkKh-lPIpG63GRTD5oQ3Qd0fo3B6g6A5Y6Ds3NdlbzJlZ29FYy3wwoCg
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0N8G9t4YJo88Z9n2TV_0haIERAlg1raLNaLqAAjXcOkKh-lPIpG63GRTD5oQ3Qd0fo3B6g6A5Y6Ds3NdlbzJlZ29FYy3wwoCg
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 23 Jan 2023 13:22:10 GMT
Server
MT3 357 2feb0b5 master cdg-pixel-x11 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0N8G9t4YJo88Z9n2TV_0haIERAlg1raLNaLqAAjXcOkKh-lPIpG63GRTD5oQ3Qd0fo3B6g6A5Y6Ds3NdlbzJlZ29FYy3wwoCg
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Jan 2023 13:22:09 GMT
pixel
cm.g.doubleclick.net/ Frame 20DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBUprFaBMA2II2Y700zOmvg&google_push=AavPq0OmLzVnVukNeY-JhdKJd0zRvcqpx23a_wE8NuLAko7RRxroNiZCfk...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBUprFaBMA2II2Y700zOmvg&google_push=AavPq0OmLzVnVukNeY-JhdKJd0zRvcqpx23a_wE8NuLAko7RRxroNiZCfkxG_98RUltjUh1e-0Jj6CqfJNrdgFXgRF0f3AzaY6Wto2Y
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220078-HHN
pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1674480130.322824,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBUprFaBMA2II2Y700zOmvg&google_push=AavPq0OmLzVnVukNeY-JhdKJd0zRvcqpx23a_wE8NuLAko7RRxroNiZCfkxG_98RUltjUh1e-0Jj6CqfJNrdgFXgRF0f3AzaY6Wto2Y
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 20DE
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMZfslquJDeFp9__S5sLCiM&google_cver=1&google_push=AavPq0PcU-_UbQz2R4gf4GIQQKG-BvCQt_sytkl8FsnAs0FBbWP6rpZYSoKFx6YQbkFWHgCUcuEdXUXMBU0iaoON...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=k4VFk0CFQx6hc4mnJyPmfw2&google_push=AavPq0PcU-_UbQz2R4gf4GIQQKG-BvCQt_sytkl8FsnAs0FBbWP6rpZYSoKFx6YQbkFWHgCUcuEdXUXMBU0iaoONcwqpoKQ8-8STYKc
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=k4VFk0CFQx6hc4mnJyPmfw2&google_push=AavPq0PcU-_UbQz2R4gf4GIQQKG-BvCQt_sytkl8FsnAs0FBbWP6rpZYSoKFx6YQbkFWHgCUcuEdXUXMBU0iaoONcwqpoKQ8-8STYKc
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 13:22:10 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=k4VFk0CFQx6hc4mnJyPmfw2&google_push=AavPq0PcU-_UbQz2R4gf4GIQQKG-BvCQt_sytkl8FsnAs0FBbWP6rpZYSoKFx6YQbkFWHgCUcuEdXUXMBU0iaoONcwqpoKQ8-8STYKc
x-host
tde-deliveryengine-production-fb497649f-qptn5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 20DE
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LCgovRt7QFq4ftJDdnUDyA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LCgovRt7QFq4ftJDdnUDyA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0P9nubESXMDGS8lQQ2iseVJWXTnmxkNOMUutO0XrUH051oT_pEGAyzPZSsgXBotUKZKe3ai5f1kk9AyAVwXN2EreiygChL82MI
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LCgovRt7QFq4ftJDdnUDyA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0P9nubESXMDGS8lQQ2iseVJWXTnmxkNOMUutO0XrUH051oT_pEGAyzPZSsgXBotUKZKe3ai5f1kk9AyAVwXN2EreiygChL82MI
date
Mon, 23 Jan 2023 13:22:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 20DE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9YmCIm6St2shiz5b1mK2I&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP9YmCIm6St2shiz5b1mK2I&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9YmCIm6St2shiz5b1mK2I&google_hm=Y86KAv9GIrpLkSQleuCmOAAABI0AAAAB&google_nid=index&google_push=AavPq0P2cdh5yuRbg34bmwEqWKzEic4xUfIJ4...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9YmCIm6St2shiz5b1mK2I&google_hm=Y86KAv9GIrpLkSQleuCmOAAABI0AAAAB&google_nid=index&google_push=AavPq0P2cdh5yuRbg34bmwEqWKzEic4xUfIJ46vaEV-m0wDdO9EAlLABxJBmsqSgQS6thbjcxcNOsTezHN1_b2U8q3yzqBnZZr6TB7A
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5Zxmw0BVmzy5XUaOJLhHnDV992XGye8xC0P%2BFUOpyvKIa9FU4GuYprzGW3NhRxykY5JlwtCNcOO%2BHGhFW4xw%2BksoZ8%2FqHtTMFqsc9myIBKl6Tw2Z6pTomSA3ED3tROsetjmyh%2Fw3temww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9YmCIm6St2shiz5b1mK2I&google_hm=Y86KAv9GIrpLkSQleuCmOAAABI0AAAAB&google_nid=index&google_push=AavPq0P2cdh5yuRbg34bmwEqWKzEic4xUfIJ46vaEV-m0wDdO9EAlLABxJBmsqSgQS6thbjcxcNOsTezHN1_b2U8q3yzqBnZZr6TB7A
cache-control
no-cache
cf-ray
78e0d62ea9db2c2a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 20DE
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL6-8EfR7jOAlLTegAI5UxM&google_cver=1&google_push=AavPq0Ps70Hvx7OCv96rBNZWy80eim9WcfUpwXRgxOyLRcIsXMTt0A4Tlea81oXUTaUbcaLbjSe91DiYVaB8DspJi...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL6-8EfR7jOAlLTegAI5UxM&google_cver=1&google_push=AavPq0Ps70Hvx7OCv96rBNZWy80eim9WcfUpwXRgxOyLRcIsXMTt0A4Tlea81oXUTaUbcaLbjSe91DiYVaB8DspJi...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0Ps70Hvx7OCv96rBNZWy80eim9WcfUpwXRgxOyLRcIsXMTt0A4Tlea81oXUTaUbcaLbjSe91DiYVaB8DspJi-Ioc1SP-AlBGNg&google_hm=GCNirGZHj33VmJ02S3u...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0Ps70Hvx7OCv96rBNZWy80eim9WcfUpwXRgxOyLRcIsXMTt0A4Tlea81oXUTaUbcaLbjSe91DiYVaB8DspJi-Ioc1SP-AlBGNg&google_hm=GCNirGZHj33VmJ02S3urdZ1g
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 23 Jan 2023 13:22:10 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0Ps70Hvx7OCv96rBNZWy80eim9WcfUpwXRgxOyLRcIsXMTt0A4Tlea81oXUTaUbcaLbjSe91DiYVaB8DspJi-Ioc1SP-AlBGNg&google_hm=GCNirGZHj33VmJ02S3urdZ1g
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 20DE
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESENEgNjB04rtFRXUV_cof7po&google_cver=1&google_push=AavPq0P6Mlb88a-DhMBz8a6_Y0mszpgejt9D4S1_DPfxslGVJN5m5quGD9SRCpAxfkXpBQ29Z1tdcwlIVqsM0yLGgkUtZh...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENEgNjB04rtFRXUV_cof7po&google_cver=1&google_push=AavPq0P6Mlb88a-DhMBz8a6_Y0mszpgejt9D4S1_DPfxslGVJN5m5quGD9SRCpAxfkXpBQ29Z1tdcwlIVqsM0yLG...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QoRb9sbrSy2g93GDSpAAVw&google_push=AavPq0P6Mlb88a-DhMBz8a6_Y0mszpgejt9D4S1_DPfxslGVJN5m5quGD9SRCpAxfkXpBQ29Z1tdcwlIVqsM0yL...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QoRb9sbrSy2g93GDSpAAVw&google_push=AavPq0P6Mlb88a-DhMBz8a6_Y0mszpgejt9D4S1_DPfxslGVJN5m5quGD9SRCpAxfkXpBQ29Z1tdcwlIVqsM0yLGgkUtZh7A3BJEwQ
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QoRb9sbrSy2g93GDSpAAVw&google_push=AavPq0P6Mlb88a-DhMBz8a6_Y0mszpgejt9D4S1_DPfxslGVJN5m5quGD9SRCpAxfkXpBQ29Z1tdcwlIVqsM0yLGgkUtZh7A3BJEwQ
access-control-allow-origin
*
date
Mon, 23 Jan 2023 13:22:10 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame 20DE
0
223 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-rpzolUxrlG0wp7VdM62-NonFJR38AakS13CUdQOGMgfppO5uOfzi_yn2Rzc_pi7x3-hX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame CE21
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEggpnvIyJRLeLsOr43efLY&google_cver=1&google_push=AavPq0Nax8y6tRTSZbQceMGAZtArRfwtKtQRjC7Ds-9_I-_ETCSJHYMJdPOAPjKx4GLnkvrUnINLuWa3ri02Q7VKYHZ1tdEYxV1syPfT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame CE21
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOcuxy7Xkc6PJQpxUVdTKxo&google_cver=1&google_push=AavPq0P8a7lof3AJoaSeu7_C2uP5zy_rrVPz7yC8MdcBgUeqpdh97mwuBAv9khpE8O6pC5IW54zpq7KlNV4Gt3evSHp6CMIH8MfjNAXd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame CE21
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKTyt3l0dd7OVFgNvRg5A6w&google_cver=1&google_push=AavPq0POo3luZwoJ2ijEW0orApikJX6BMRJPRPLalCCoUMXrKanNjfJQ13m7KYWmFb4QTqFEbdco1IkqNDdyKL_i0m0D06SrI2qT_mms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame CE21
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIRrRijaV4MWBLrfddO1BDc&google_cver=1&google_push=AavPq0MofgaGV9xvtttPvxmQeoUFbQ4DcCz8PXPA8edksAVie_Le6xeRc-FNqhhi8aS9gKo6V3HXeX7tKHwmNx...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MTgzNzM5NjE2MzU1NzUxOQ%3D%3D&google_push=AavPq0MofgaGV9xvtttPvxmQeoUFbQ4DcCz8PXPA8edksAVie_Le6xeRc-FNqhhi8aS9gKo6V3HXeX7tKHwmNx_XP3...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MTgzNzM5NjE2MzU1NzUxOQ%3D%3D&google_push=AavPq0MofgaGV9xvtttPvxmQeoUFbQ4DcCz8PXPA8edksAVie_Le6xeRc-FNqhhi8aS9gKo6V3HXeX7tKHwmNx_XP3esoBIeIwPx-sD6
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MTgzNzM5NjE2MzU1NzUxOQ%3D%3D&google_push=AavPq0MofgaGV9xvtttPvxmQeoUFbQ4DcCz8PXPA8edksAVie_Le6xeRc-FNqhhi8aS9gKo6V3HXeX7tKHwmNx_XP3esoBIeIwPx-sD6
Date
Mon, 23 Jan 2023 13:22:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame CE21
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDYJ6AC0osp43BZv1bfZ5tc&google_cver=1&google_push=AavPq0PoyCZTymnagK-Svp7IVGQUYVRiyCei1k4e4HxZYE4-Pg5xgGPgkx1AqrPMVf-PhF-Nnft0n-Iw...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDYJ6AC0osp43BZv1bfZ5tc&google_cver=1&google_push=AavPq0PoyCZTymnagK-Svp7IVGQUYVRiyCei1k4e4HxZYE4-Pg5xgGPgkx1AqrPMVf-PhF-Nnft...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk2NzA1MzYzNzA2Nzg5NzY0&google_push=AavPq0PoyCZTymnagK-Svp7IVGQUYVRiyCei1k4e4HxZYE4-Pg5xgGPgkx1AqrPMVf-PhF-Nnft0n-Iw...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk2NzA1MzYzNzA2Nzg5NzY0&google_push=AavPq0PoyCZTymnagK-Svp7IVGQUYVRiyCei1k4e4HxZYE4-Pg5xgGPgkx1AqrPMVf-PhF-Nnft0n-IwpX005P_ePdTnl0jw7nKHVT9C
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk2NzA1MzYzNzA2Nzg5NzY0&google_push=AavPq0PoyCZTymnagK-Svp7IVGQUYVRiyCei1k4e4HxZYE4-Pg5xgGPgkx1AqrPMVf-PhF-Nnft0n-IwpX005P_ePdTnl0jw7nKHVT9C
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame CE21
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEFALKgD_ZwT2FX-UzFPRVAQ&google_cver=1&google_push=AavPq0N6PrCOqfzIfTLZPrIjJ2wqpYEI4u4HEjDa--llVQGdrYcHhs4ipMcgZEGdQt5FqojMLP9Iho-bbYzSKrQf_dN6J73qc...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE3NDgxNzMwODM5NzMzMjAwMFYxMA%3d%3d&mn_hm=MzE3NDgxNzMwODM5NzMzMjAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0N6PrCOqfzIfTLZPrIjJ2wqpYE...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE3NDgxNzMwODM5NzMzMjAwMFYxMA%3d%3d&mn_hm=MzE3NDgxNzMwODM5NzMzMjAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0N6PrCOqfzIfTLZPrIjJ2wqpYEI4u4HEjDa--llVQGdrYcHhs4ipMcgZEGdQt5FqojMLP9Iho-bbYzSKrQf_dN6J73qcNqnvExf&gdpr=&gdpr_consent=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Jan 2023 13:22:10 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE3NDgxNzMwODM5NzMzMjAwMFYxMA%3d%3d&mn_hm=MzE3NDgxNzMwODM5NzMzMjAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0N6PrCOqfzIfTLZPrIjJ2wqpYEI4u4HEjDa--llVQGdrYcHhs4ipMcgZEGdQt5FqojMLP9Iho-bbYzSKrQf_dN6J73qcNqnvExf&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Mon, 23 Jan 2023 13:22:10 GMT
pixel
cm.g.doubleclick.net/ Frame CE21
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJWTryLBEATBtHi07PNhKPY&google_cver=1&google_push=AavPq0P2LgQ7OKewa...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEJWTryLBEATBtHi07PNhKPY%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzEwOTAxNjEzOTU3MTQxMDc5NA%3D%3D&google_gid=CAESEJWTryLBEATBtHi07PNhKPY&google_cver=1&google_push=AavPq0P2LgQ7OKewaAnP2zUVJn9glmP_GC...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzEwOTAxNjEzOTU3MTQxMDc5NA%3D%3D&google_gid=CAESEJWTryLBEATBtHi07PNhKPY&google_cver=1&google_push=AavPq0P2LgQ7OKewaAnP2zUVJn9glmP_GCNm2pbs4pgq0DJjrNdTEn3brl5qfWVARxR9sjFgLmUglt3JRNP5Dpsj0HMfLPkhhuGFrjWErg
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 23 Jan 2023 13:22:10 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2553a68b-ec70-460a-945a-9da62acd06fb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzEwOTAxNjEzOTU3MTQxMDc5NA%3D%3D&google_gid=CAESEJWTryLBEATBtHi07PNhKPY&google_cver=1&google_push=AavPq0P2LgQ7OKewaAnP2zUVJn9glmP_GCNm2pbs4pgq0DJjrNdTEn3brl5qfWVARxR9sjFgLmUglt3JRNP5Dpsj0HMfLPkhhuGFrjWErg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CE21
0
40 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLUvLXu8aE8ycJ2gbTIVcUFsq97UK0hevr1YBJPd7fa6N3OS-LJQLrLRankGY_WUx1EhebVg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame F736
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 17:04:17 GMT
x-content-type-options
nosniff
age
73073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 Jan 2024 17:04:17 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 53FE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:10 GMT
expires
Mon, 23 Jan 2023 13:22:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:10 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3E02
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230118&jk=3280936135904142&rc=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 7F64
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230118&jk=2760405362826837&rc=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 416A
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186305&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127255&bpp=2&bdt=767&idt=701&shv=r20230118&mjsv=m202301100101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=1940045243&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=2848&biw=1600&bih=1200&isw=300&ish=250&ifk=2712454997&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071714%2C44774292%2C44779793&oid=2&pvsid=2760405362826837&tmod=1170705000&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.jbs1i9xeqep2&btvi=2&fsb=1&dtd=970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 6301
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776189485&pi=t.ma~as.7074810865&w=300&fwrn=3&fwrnh=100&lmt=1674480128&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127301&bpp=4&bdt=753&idt=645&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&cookie=ID%3D9665c659d3fdb0d7%3AT%3D1674480125%3AS%3DALNI_MZg9NJYVBUCwTmWKMcGZC2NdWJUag&gpic=UID%3D00000bc95528c4e7%3AT%3D1674480125%3ART%3D1674480125%3AS%3DALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA&prev_fmts=0x0&nras=1&correlator=8068862756404&frm=23&ife=4&pv=1&ga_vid=947933348.1674480125&ga_sid=1674480128&ga_hid=209361048&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=473&ady=1670&biw=1600&bih=1200&isw=300&ish=250&ifk=3688579295&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C31071546%2C31071581%2C44779793&oid=2&pvsid=3280936135904142&tmod=363497309&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tto1jbwpffzd&btvi=2&fsb=1&dtd=885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3ED3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230118&jk=2005410910370218&rc=
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame B19C
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
pixel
cm.g.doubleclick.net/ Frame 740E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDwdeTuRCYWsVjUxmRcxQiQ&google_cver=1&google_push=AavPq0P8md435FSJrfcDNRHIMPlYPwFWMWtjQIcFEsrAhOM9Y6uI-xT0OM83-g7qPPLzijrBpTVgIBBQ8qXDI6eP...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=0vNjzooCSACZqMWKR9hDAQ&google_push=AavPq0P8md435FSJrfcDNRHIMPlYPwFWMWtjQIcFEsrAhOM9Y6uI-xT0OM83-g7qPPLzijrBpTVgIBBQ8qXDI6ePL-XJi6C_...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=0vNjzooCSACZqMWKR9hDAQ&google_push=AavPq0P8md435FSJrfcDNRHIMPlYPwFWMWtjQIcFEsrAhOM9Y6uI-xT0OM83-g7qPPLzijrBpTVgIBBQ8qXDI6ePL-XJi6C_GiNu
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 23 Jan 2023 13:22:10 GMT
Server
MT3 377 f232435 master cdg-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=0vNjzooCSACZqMWKR9hDAQ&google_push=AavPq0P8md435FSJrfcDNRHIMPlYPwFWMWtjQIcFEsrAhOM9Y6uI-xT0OM83-g7qPPLzijrBpTVgIBBQ8qXDI6ePL-XJi6C_GiNu
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 23 Jan 2023 13:22:09 GMT
pixel
cm.g.doubleclick.net/ Frame 740E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIRrRijaV4MWBLrfddO1BDc&google_cver=1&google_push=AavPq0Pm93xbOuERrJ9tg-PMSKGSYvipfUGFoodh3DHjZOQRGRVWgWc_TWaueca2KG-B6B24Dfp_ZbGx_dmiqM...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MTgzNzM5NjE2MzU1NzUxOQ%3D%3D&google_push=AavPq0Pm93xbOuERrJ9tg-PMSKGSYvipfUGFoodh3DHjZOQRGRVWgWc_TWaueca2KG-B6B24Dfp_ZbGx_dmiqMg5iu...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MTgzNzM5NjE2MzU1NzUxOQ%3D%3D&google_push=AavPq0Pm93xbOuERrJ9tg-PMSKGSYvipfUGFoodh3DHjZOQRGRVWgWc_TWaueca2KG-B6B24Dfp_ZbGx_dmiqMg5iu2SicvOZKdN
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5MTgzNzM5NjE2MzU1NzUxOQ%3D%3D&google_push=AavPq0Pm93xbOuERrJ9tg-PMSKGSYvipfUGFoodh3DHjZOQRGRVWgWc_TWaueca2KG-B6B24Dfp_ZbGx_dmiqMg5iu2SicvOZKdN
Date
Mon, 23 Jan 2023 13:22:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 740E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEK58Vko8glCKtlyuNigXpQ&google_cver=1&google_push=AavPq0PUhQx4VdpoydQdcucQaO_oH4atzmamaxxkLfU0UFvTPvb_ZRuDO5mLjLppDmNeUBdslT1faqzx8bHG_U1cVHBM...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEK58Vko8glCKtlyuNigXpQ&google_cver=1&google_push=AavPq0PUhQx4VdpoydQdcucQaO_oH4atzmamaxxkLfU0UFvTPvb_ZRuDO5mLjLppDmNeUBdslT1faqzx8bHG_U...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d7b4f2a8-2e85-4eb0-8d3e-a87295cef1f0&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PUhQx4VdpoydQdcucQaO_oH4atzmamaxxkLfU0UFvTPvb_ZRuDO5mLjLppDmNeUBdslT1faqzx8bHG_U1cVHBMeGIl0Zrb&google_hm=Iepg9eUdStSoYu1nG9MNAw==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PUhQx4VdpoydQdcucQaO_oH4atzmamaxxkLfU0UFvTPvb_ZRuDO5mLjLppDmNeUBdslT1faqzx8bHG_U1cVHBMeGIl0Zrb&google_hm=Iepg9eUdStSoYu1nG9MNAw==
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PUhQx4VdpoydQdcucQaO_oH4atzmamaxxkLfU0UFvTPvb_ZRuDO5mLjLppDmNeUBdslT1faqzx8bHG_U1cVHBMeGIl0Zrb&google_hm=Iepg9eUdStSoYu1nG9MNAw==
date
Mon, 23 Jan 2023 13:22:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 740E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJCFISnesXG7XIA2CnAjUaE&google_cver=1&google_push=AavPq0N0XO9PGMvMtKXkZ0QfYiE4Z8QCaJ6Qz5H7ZkeL_v2W299faol-HB87-duI70XpojZdSFnEq4-5yc8_4ah4unxzRtX...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0N0XO9PGMvMtKXkZ0QfYiE4Z8QCaJ6Qz5H7ZkeL_v2W299faol-HB87-duI70XpojZdSFnEq4-5yc8_4ah4unxzRtXzqUcbmg&google_hm=eS03Z2xGcmlwRTJwR3BD...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0N0XO9PGMvMtKXkZ0QfYiE4Z8QCaJ6Qz5H7ZkeL_v2W299faol-HB87-duI70XpojZdSFnEq4-5yc8_4ah4unxzRtXzqUcbmg&google_hm=eS03Z2xGcmlwRTJwR3BDM1U2QXBEWUwxbTdpT0RhU2tsWX5B
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 13:22:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0N0XO9PGMvMtKXkZ0QfYiE4Z8QCaJ6Qz5H7ZkeL_v2W299faol-HB87-duI70XpojZdSFnEq4-5yc8_4ah4unxzRtXzqUcbmg&google_hm=eS03Z2xGcmlwRTJwR3BDM1U2QXBEWUwxbTdpT0RhU2tsWX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 740E
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGH0YfByByKnFybtWARXx_U&google_cver=1&google_push=AavPq0MIUC1bYspUnRSVTMGgJs-V8LeJBMCKWbhzNSDZ3ZdNU2XRY_9_YTeKH36Ml1z_5yLsT1thwaCjzZUKSQp_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MIUC1bYspUnRSVTMGgJs-V8LeJBMCKWbhzNSDZ3ZdNU2XRY_9_YTeKH36Ml1z_5yLsT1thwaCjzZUKSQp_msreMRj3OIq8
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MIUC1bYspUnRSVTMGgJs-V8LeJBMCKWbhzNSDZ3ZdNU2XRY_9_YTeKH36Ml1z_5yLsT1thwaCjzZUKSQp_msreMRj3OIq8
Requested by
Host: www.myjoyonline.com
URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 23 Jan 2023 13:22:10 GMT
via
1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
VIE50-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0MIUC1bYspUnRSVTMGgJs-V8LeJBMCKWbhzNSDZ3ZdNU2XRY_9_YTeKH36Ml1z_5yLsT1thwaCjzZUKSQp_msreMRj3OIq8
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
84g69wnDC8Z8f6Vi956t3iFvKGtJEVT8wEjNZ__KA0w-e1GwyIcSZA==
pixel
cm.g.doubleclick.net/ Frame 740E
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESENEgNjB04rtFRXUV_cof7po&google_cver=1&google_push=AavPq0NqUZnm1qV0OFRe7cVwD0QX0_K6OxntcIYBrxb4RM0DOXk0cROzRVkhlBMh9prW-rnJB66fO-HL5ureSdoVL1tDfr...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENEgNjB04rtFRXUV_cof7po&google_cver=1&google_push=AavPq0NqUZnm1qV0OFRe7cVwD0QX0_K6OxntcIYBrxb4RM0DOXk0cROzRVkhlBMh9prW-rnJB66fO-HL5ureSdoV...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QoRb9sbrSy2g93GDSpAAVw&google_push=AavPq0NqUZnm1qV0OFRe7cVwD0QX0_K6OxntcIYBrxb4RM0DOXk0cROzRVkhlBMh9prW-rnJB66fO-HL5ureSdo...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QoRb9sbrSy2g93GDSpAAVw&google_push=AavPq0NqUZnm1qV0OFRe7cVwD0QX0_K6OxntcIYBrxb4RM0DOXk0cROzRVkhlBMh9prW-rnJB66fO-HL5ureSdoVL1tDfrKGcMGuwQ
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QoRb9sbrSy2g93GDSpAAVw&google_push=AavPq0NqUZnm1qV0OFRe7cVwD0QX0_K6OxntcIYBrxb4RM0DOXk0cROzRVkhlBMh9prW-rnJB66fO-HL5ureSdoVL1tDfrKGcMGuwQ
access-control-allow-origin
*
date
Mon, 23 Jan 2023 13:22:10 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
googleredir
googlecm.hit.gemius.pl/ Frame 740E
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 740E
0
49 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgQW7AjHPVCqAKB7gbzuBdjG_hkEFr1ihFtwPA1NWpWPr3ig-QMpakNF40Fc5Ld84Fd1Ve9g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame DC55
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
AGSKWxVDb8ygqIhozbDlyepCRBIK3EbDiQyBnLjnbnH5ZPx-whrJ2MJgFaAZ94VJqyCkA5eZaDAA3veWh0QONvZH2YTQ6J6rtYkBQs2MTbXTXomeeV0acyltXr8QYK9rbrJN3f8C9WApQw==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVDb8ygqIhozbDlyepCRBIK3EbDiQyBnLjnbnH5ZPx-whrJ2MJgFaAZ94VJqyCkA5eZaDAA3veWh0QONvZH2YTQ6J6rtYkBQs2MTbXTXomeeV0acyltXr8QYK9rbrJN3f8C9WApQw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.VQZpONNKa5s.es5.O/d=1/rs=AJlcJMwAqzGD-EFp9fED4A54ILKgchR0Vw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ecBtcQ9MeVqFEMKsGauRJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 23 Jan 2023 13:22:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ecBtcQ9MeVqFEMKsGauRJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.myjoyonline.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires
Mon, 01 Jan 1990 00:00:00 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 5471
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame 89D2
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2500680891621702&output=html&h=200&slotname=7074810865&adk=204052202&adf=776186307&pi=t.ma~as.7074810865&w=300&fwrn=16&fwrnh=100&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.myjoyonline.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1674480127531&bpp=3&bdt=900&idt=724&shv=r20230118&mjsv=m202301030101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5654113976534&frm=24&ife=3&pv=1&ga_vid=1108797295.1674480128&ga_sid=1674480128&ga_hid=22970163&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3119401086&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44779794%2C31071262%2C31071663&oid=2&pvsid=2005410910370218&tmod=607883322&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=2.a1rcvohtmwn1&fsb=1&dtd=941
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VVPMTF49Z0&gtm=2oe1i0&_p=775647698&cid=947933348.1674480125&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1674480124&sct=1&seg=0&dl=https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F&dt=Crypto%20founder%20charged%20with%20%24700m%20financial%20crimes%20-%20MyJoyOnline.com&en=audio_article_loaded&_ee=1&ep.event_category=Audio%20Article&ep.event_label=Audio%20Article%20Player&_et=523
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VVPMTF49Z0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.myjoyonline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfafe4c3dcd23c4839203bb5086f29ea67e5a0e29ac159fe5776817073d064ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10930
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 13:22:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 23 Jan 2023 13:22:10 GMT
csi
csi.gstatic.com/ Frame 2730
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ld8u8fhv&c=3452751362134&slotId=1726375681067&qqid=CKGW0sjk3fwCFV5GHQkdmeYMvw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=851&mt=video%2Fmp4&vs=720x720&ulv=1&cll=0&vast_v=3.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:10 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EB57
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BsHLs_4nOY8n1KpqX1ga77ajACwAAAAA4AeAEAg&bg=!BAelB0PNAAYDMoyoIzI7ACkAdvg8WmSqYmt-arnD3bPPG4a1G5vevYl_9gw4LcqQN7mOeQM6M_iVfwIAAAJHUgAAAARoAQeZAv159sKT90TVitRJySf7Hq6h5EAjsZM8lx6jWQDIeOEhalqSSSRY4dzQSvxtFVv7e74DRsoFvq6r0zNY8WYhVrrv8qjT-31RJQ26yswXGb_M1XlojNc9FAGja_V5Mvn1C9XvNSSKWf5Mt4W1LpC9C-ClPE0S906YGcVn34m96Ckx5y_Z7dCoMdX_oS8trSugTqhrK0o6z75XYpxQGqpV5F6MfMuvJqB3XPI7oVjUiF0afw2BxpSVy1fwmQdPO2vuE3nkZuJC4VLdbFpqJaqlgUNKyrhxALCUFM7WhTGdvhYx0vu8vZDPhdAtmpBmrjJF73S1s7UiTVSVpA5-tG46z0aRdXz2Zs4r7vb_neXF9z6cvOt4c-8D351xEnXjALseVXgZOYo4NipBcYC1Gi1o39kMR7qUtH7Ni3-zU6yhh4L_17Fx7MBXeJzx1aRPa53_Fg8rtbWL4UL08Nt3IDpJnjZjxbWVu0Pxqq9acFGM8OMrfCOiUin8fXu8WsLgEBMUykZhug4RyaWVSoCAKH5b-mCOAyUL1FIe3xqO62I1Jtnq7xiY-XI_Wx-Ay-r_SXSl0pWQUQaaWdR1gEAnG1DY8DsFrGVpUbhLag5ijmlKbWjgXBdnZe59bVMJfzIjgZqY1rBoRBrXGcEgl7w_i17VkOOOYaZL0ECp81WEvbCkrflclqMg0ztmkrgE8plT_EgNgOA6RFMzSKZoUeVlYcdCNzlF7IkFG6IggWmGAw2AJm3tXXHulFxPy3z0OGMLIRN8PE32KnpxOV8foUW0iKX0zpC1MLLmxJUSXd9zUZSVd9TPaFng0bUpQ_ncSiEmSatGkk4Unb6BDJiP9EVIuJobBbSV9QTpJY0DppInaZ73JbUEmMAJxfnK0sC3PdctKaEPSWR1Y58DNNYm-VEFhXrX9ZzcN4nzB898aFN2Onxub90Ha7kp-JECLfLiT3FvEbRyB4kTlIWgzLtGF_k20RkPzmGIPewSUG-iNYjALO9tZLBtLkW_mhY7aAZGZgyYNys
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Jan 2023 13:22:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EACD
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
190756
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Jan 2023 08:22:55 GMT
expires
Sun, 21 Jan 2024 08:22:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 869C
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
690c2fc0be786a85a8332ef36dfa1c2dec2d8ad81abb21baaac54f030e2a75d4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_q8whu8g555ouc_PJpBkNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.myjoyonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-_q8whu8g555ouc_PJpBkNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 13:22:11 GMT
expires
Mon, 23 Jan 2023 13:22:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 869C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011901&jk=2602712114810887&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
pagead2.googlesyndication.com/bg/ Frame EACD
36 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/QkZn2XWhGLuUeJCWE_Zylly3qUWdX-KWqHVIqMIXcrk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 07:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 07:59:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B35C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230118&jk=2760405362826837&bg=!MzClMHTNAAYDMoyoIzI7ACkAdvg8WnNwD7eX3JGWGBZmhT0XIoiVHzY8zMOroR7cHKXcE3-5iiYQxAIAAAHIUgAAAANoAQeZAsTpI8wzBbtzJ9nvdVQurNZALksDF5ei9pYEx7mD2lYMf3_pgM3JwgGclSswN3k93_4evyy-8amvCqwhAEThhUgZ9UibkZELhJyNsTJ-w_DfnYS8FUh-KOmqktowpcjq-rYIg0cvmQakYqIUr-vphE3ko01eL9hY5JEWGkT-TPAAolStD9FzkhockcFedf9R8TwLe8D-QucSOKUrbI3pyWovMz9YifHL4bifuK7OhH-qZw5jU6_gdTCskcQkJOua_wZmYfD0eg_YZXl_DEKT49SKLbiiOj5CRI5oOgwgLbmgqFL2ZCIdeKjCq2-eFVvMn3pNIM7-dJttNHx7D416PtSEwtD8C1PlgjCqUtRcz57Ev6f8gGWQHaLytdjJhKsf2kGtK-m6uFrP1IDs9rLcouhL3yCAjfaYJF47AiOLKSnU7yjSCVN8iOByh86oH7AdYs2_d7ut47ZubDK7rxw4Ao8D77i1IZBHDUJhzztIIcBtxn29BFEA5VKRovUvECX_ODzr97CDHn3npG-e57aNBvARZAP0m3Bqe3o50Zz2fcMBVdDd5KDPN9pVecsm2X-0kIz2qAYWnvkeSXGvHbG1bV2XoZ-exgtfzZFmtIYH-bpMezcSbUiGy7E76ydI1zrBl5U54IzhH4IDaM-CfDkL1Ai3zHzC5ASxoJBZj65yKiN6MZgWvrkXEil2_mvxO49BpsgoKGEMz4PVAe3bPxtxbC8mqLxvEBYTpO5wJfn2vQEZbl8tXZN3N3250TEhb1hTA6ytDTpkyHi9C0iY6en0MmyGyiAaQOCdrzFyKxPbzkATKQ7Aasc0M-Mf65T7VKJjmDa_zHTIIEqXmb3NlDOPYz5ZtNLRTREodvcAMFzdHkxVEyZHmgaQf9lDnpiKicZ0c7C7jgXEGID0rwqYA898AG1cv6bu31NUfU2tmxcLoz4NSq97nAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 9B90
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230118&jk=3280936135904142&bg=!19Sl1JDNAAYDMoyoIzI7ACkAdvg8Wvv3lZ2JEWHtvsWh1cl84KqZp3RjzvvwyBASAc0SRV4OeD94sgIAAAIBUgAAAARoAQcKAMTVHHgqgOeek6oG8RWkyuT-7GNfzWFMgmff6v05-T4XtrzYjxiO0KVB5MHZYJzGk84x1xeormFxMByyE7sbm2UFq2ctw7sGYdfmNsdB8ERnvFAYd_H5Q0EKFKDXqkkiAdHQQaHTFBPy_f5YN8AKz9Lt4kN_BFeiMOyJCrdw22oRI7JdgdoOcqC4Ud4P8UkJ23htirNg8NSEszBnJcbUcfsXHUZf2AwA5BmeBFhIk6xaGJOm5Ycwh5JWtYGGuXxz2Ua8os8YmQK7C4nA6nkI_HehFjElK5u1jL1giHtiraee4FoPVEMESG2DbocjXRERK-lGwRj9rvRUIMjvbpayqp0QYjQpCaH95FfEOhm8nMxcw8HUI-McvE7G0WT3dmZOpxdjxGEW496Xp-Lkv6dn5xPwdyLuWBn43Y5G-_lf2bPaHaWoRa1lxZ9SFuG0Rmfek2M-qYwh8cDr--4bqmF0U4ArG2GXP6TEt6kqgQImePK52WxswbXB2oG3rsiRrjsTp3gQjLLpJeiRzxdOjEZWB2gIv7CONzJcqLJ62l6ASyRS-JRBS213XAKR6WPHfKB8UEBf1bZ3Nhqaa_gPtgXLYqQZA4XD-9iHGW8dNPwoGaaxcX5CGxIEKXt23PEiZ3UyU8DXfcXZx0gmr2GKKDfR1hFfGgbsmhkwuvacfuHGzvgD_aJy1bgtLUqmfvQTy2rz2gk7LUtxUC_XUTdJ_Q0oURrP6ta7mi5iXXvng9wrWZn07hPUG0ZrTU-j-XepKa7PAJ98D5J5kKFpu3IHACTcxdWR0WsckbT_wPN8er4khr2xi_7E27PhDgXh52Xli6IeNJveo3LzGIOzpgPkjV211LldV9w_eKJt8k2_Gr63wOrhMGu15bbteL8dmintGqmC_A5NE9H5jScEPYLIIkmzQoLMKt4KtJ7JrddYgpRxhGes8GeJK3t_PuNehoc-ICEZhlNXZW2_YHv1uzYFcoezyIH8bA40FqJG_FyDsPdhldVXHWh_8b3bYqLXt03B3hsdNM5kAIPWVrfgWCt7E5bGW1NoKaTNmrRY-DnQDqnYEzrxwvDiRFvODie6YNpYaOWsyHh4t4SMDlOKfrW90M5XSPbi5r0gKSDxdyuNWW_IJ3IA9jrRAXACIx07b0zYNY4Zzpb8CpVZqNwEetYs1zdZ-t3jm7bIDx20ETpNaPDap1U_oFJb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 9ACB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230118&jk=2005410910370218&bg=!YWKlYibNAAYDMoyoIzI7ACkAdvg8WkinoMiZLO205D8bQUurJ7BvthNjbuEQi5x0kPtpq2GemOmFiwIAAAHaUgAAAANoAQcKAB7g2KZu9ZyJirRzULFiOP5Lsqq8_A1eR6wVw-G3FM-ZAvnoDNDq8j1Vxhrf_UIV9TlFGpQsCUNSxH2Sc5lS54V3si6IML58Xw76fFwZlhBGPdb8RkPgMZceQeCqSo8dbdcyNThYUEktEkoLa9ifXZvoFcFmbtL7PkkgKtgqiQvb540bPz3qi0kuVXqhWHc1B2kuPHsNNn-pU13nKfCScIYviAPUcPiPX-sgcRsoQQm9yln_rEFX8fFrv7Srmc45wz4PdzQNej48lJyW1jie1YGR4dnhMQv1Dx1iXU5wYIuX06zjaWIW3kpMElM051-41wm5RU9-iYcBaW6DY5JacfNRc3tb8dOHiRHkZJthcrdXnWfA3KJeysHaMYUvfiwefezjVmu1AhsvBJcb4KdE3hbvOSLS_YQqHt6EUPejGK8lLIhugS7-ktZbgZ4CyNLZT62f-TiKYybCLjglpvwx3nKIX7qXmwWLe8b_3kJkPGQFeIfUMw_FMbAq95L8ckhTkytAQeSxWa7cpoTDa-OKr2Nt4wYVVdXNZyYqzDHb1ENbwMnff0AXfI6o-NlXVKburf4VoBE-i6DIH4mEYybognV5ErbC_WgLa7M5uf0zXg2BXHDwNOxRs2M31FHhjUoipmyvmhfKc_lZ23ZRrdUbDl40b2TFYjVtW6oLveWwME6p8PiHb2YOspNfJ5XMljUV2m7KdOVlIEuQDKhzWCCAMCvcT-0T5U9GR69pxFBcGC02SAf_7dQO9hOxcLbvsM33qx0cHnd3B7pRZCgaWWBqeVsTYeLgCG_RJfYGDKFMbJXGScf6ZY6jimeaWxJJJDJwlhxSFqLKBp_1lhJ3RvqbW99yS1tbFojXAxAd4qPoqXI1oJaVtNienhly6sd20e6r6w_K2QLqoSNigAvVBkczj7xVLdGdpddL8_Ra77t3tdAXF9xz8iOUOU8Z_CqQOnL04lbOemJ0tuC7ckt8smd-muy5Qrd7SO7PgIlNPjJRqP3GQoV1oN_pP_FnUwE1kMv8fBvuqQX6hfrx6OIpxwPxYu8oFqMv7xB3L18vMg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011901&jk=2602712114810887&bg=!5uWl5aHNAAYDMoyoIzI7ACkAdvg8WmJC6u1iljKBJU6ZkpAljWyzytr153Y6DW3D22_TVENBj8mcegIAAACKUgAAAAZoAQcKAPHXe_mjTU2zy67KUDqkor0veJsU1uZkHIR7jGN8_vOR3KxnSzXbnxvSpAmbzyOOxKaANeZDfT8XSnbXarngklk5KoukTsuyIlRDDnUTri8nuVwbWyyEoaU1unNogpVh-uWIiHs5JfXHMHK76oK_LCnufMd8f0PwjEqU3BbiR4NZ1EBwDAvjduWMXHQZHkTxoMbLb236iF6TZPc5pQZBk7UjZ4Se2VjdvVl5Fv3AVikBRjcCYfStM0wb3cLxAhtNhWwpV9hbiMCeEXyhwA9aL2FKMpeVawyMjJXlNsSKD-_dMiLeY3a2tuJQieJrsitgT7KumQKn03jTUxtR7BDs4-Zpqiu8STS07_Bhbt-WZl6PX63-N9m_OXbTqU-wIBeKy_LTuEb9JMdmTRiCFm6NH6xhSSMm6URqTQgp2Ucu7JxQ3zz2cY1yuwg577cgISh65NPvCcyNT2K1lWOpok6Wjl_t0lPstbYc19AZdaHfHkCVs1C7-hZdjzHpJkxj_cZmoDe7OY6_MLqup3Ga-zWRQRaa-oBElc8fXUExONAGOSuHBo9ykhnUliJW9y9HAoQ8Sqess6oBqk17dudMz8xD3ErybhYq93XGz6CeTsfEoOZD_nSvTA3oj6Z8qyLaZn89-nC7F8Rf7gDEDiK0lmCUetYpbd9tswAnNQ0cxUbYFVNq3m5S2vPCaTwNQi_6zAhkPn0lhbtAyoeShM_iglApLydbkV0oJeEgBegw2686qp09EWWRtPoVEaMohRmxMYXcsSoVUBRcOLCA3D9sX3x75IR8wO-Us6bqt-Ot1QsMo9Z3AHVdYb7uWUZsvdCSDcBQ2y6JHILr81si-1jiwSN76pn6UP5TTIzkhB4xtlUzN1885t_QqD32cukGt_17KqLm9HbL3Vo_usQIJl-fM3cyNJeIvlAftJB_pnNoJh27pVPTszXiZOOxNKFN7AzHfgM7DNqiarrKqN7k0QsM2V1HuMZs-fIn9_EIheF63UiKnnSMFNHCDBT6Ds74ujbkSZNF28oMgWd81tq_yQFGc-T42KHGl5amYHQtE2k4KS53x5YRkIDBNVvvmCXWbp_hBg0cWGV-T4oajOdpwVCzFyUQYTUZEKkDZjuVBG9L_OOhvppCQ-L2QQVfpL3uJ7Ub7cCPYA2z20bgxh7WJo-AbyqcQrda0n-RUFzC0tqoe6UUxY5WsGdIyPfl19zWW9hSu4mmz-nf9ExNOq8lm9WTeA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.myjoyonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPJlNQEzuWrxWejNCUrWFf0&google_cver=1&google_push=AavPq0PsKn2xFih2d3-jpNDVD2qHx1GTt_f0KO0sRB3Otrvh_8Op59t0-r-lBc2B8kmkI-4FrWzw8Rmo1YYexYjisOEmXSN5eJ7N2GU

Verdicts & Comments Add Verdict or Comment

275 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| oncontentvisibilityautostatechange object| _wpemojiSettings function| $ function| jQuery object| wpnmObject object| FOOBOX function| gtag object| dataLayer string| REFRESH_KEY string| REFRESH_VALUE object| apstag object| googletag object| _sf_async_config object| wpp_params object| WordPressPopularPosts number| chks number| chkc object| chkin object| chkra function| validatemsisdn function| validatecategory function| validatefreq function| check_data object| VUUKLE_CONFIG function| clswindow function| setCookie function| getCookie string| url function| w3tc_load_js function| watch_vid string| animation number| herog number| w3tc_lazyload object| lazyLoadOptions function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad boolean| apstagLOADED object| FooBox object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| $lvpl function| vuukleLogin function| newVuukleWidgets object| webpackChunk function| changeVuukleWidgetsTheme number| VUUKLE_PLATFORM function| removeVuukleWidgets function| generateVuukleAds function| vuukleAuthUser object| twemoji object| wp object| _vuukleGeo function| isInViewport function| lazyLoad function| cleanLazy function| loadMore number| ld function| LoadComments function| registerListener function| scroller function| requestPage function| horseShoearc function| fill_parliamentary_seats function| rectangulardisplay function| Glider object| bootstrap object| google_tag_manager object| _cbm function| setImmediate function| clearImmediate object| ID5 object| ggeac object| google_js_reporting_queue object| google_tag_data object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| _rmxd function| getLoadVuukleSettings function| vuukleLoader object| vuuklehbChunk object| vuuklehb object| _pbjsGlobals object| vuukleConsole object| vuukleSlots boolean| _VuukleDebug object| vuuklePlayerComponent number| vuukleLoaded object| _vuukleConfig boolean| google_measure_js_timing object| gaplugins object| gaData object| __ctcg_65349_0_exec object| confiant number| _nonPersonalizedAds object| default_ContributorServingResponseClientJs object| __googlefc object| googlefc string| __fcInvoked string| __fcexpdef string| OTNlOTkwNjBmNTNlOGNhN2xvYWRlcl9qcw== string| OTNlOTkwNjBmNTNlOGNhN2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_134 object| Criteo object| Criteo_identitytag_134 object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589__ function| sync16589_Y function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_3 function| sync16589_8 function| sync16589_ua function| sync16589_4 function| sync16589_6 function| sync16589_va function| sync16589_wa function| sync16589_9 function| sync16589_7 function| sync16589_5 function| sync16589_xa function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_$ function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| pbjs object| signal_decrypted object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients boolean| 210ae074-4cb5-49fc-94a8-1b64af834ee3 number| google_srt object| google_logging_queue number| tmod object| google_persistent_state_async boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| GoogleGcLKhOms object| google_image_requests

46 Cookies

Domain/Path Name / Value
.myjoyonline.com/ Name: _cb
Value: CF12pLCEKLuJCVG2ab
.myjoyonline.com/ Name: _chartbeat2
Value: .1674480124691.1674480124691.1.CDqPGbCBKBbEPFQ0B4HjwpCm75fs.1
.myjoyonline.com/ Name: _cb_svref
Value: null
www.myjoyonline.com/ Name: w3tc_referrer
Value: https%3A%2F%2Fwww.myjoyonline.com%2Fcrypto-founder-charged-with-700m-financial-crimes%2F
.myjoyonline.com/ Name: _ga
Value: GA1.2.947933348.1674480125
.myjoyonline.com/ Name: _gid
Value: GA1.2.944302810.1674480125
.myjoyonline.com/ Name: _gat_gtag_UA_76317721_1
Value: 1
.myjoyonline.com/ Name: _ga_VVPMTF49Z0
Value: GS1.1.1674480124.1.0.1674480125.0.0.0
www.myjoyonline.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.criteo.com/ Name: uid
Value: e2ef6b5c-7357-40ed-8903-937598ec9e87
.myjoyonline.com/ Name: lotame_domain_check
Value: myjoyonline.com
.myjoyonline.com/ Name: __gpi
Value: UID=00000bc95528c4e7:T=1674480125:RT=1674480125:S=ALNI_MZtWoWJwjFi-U3PVP9AlvU8rlJISA
.openx.net/ Name: i
Value: c8f0fd4f-71d5-4777-945d-f0d1dd055e51|1674480126
.doubleclick.net/ Name: IDE
Value: AHWqTUmYGVZARyvxDruWVO44uPAbvPJSXNk3b1MSRS2l9mkl9aNSZBvj9SemqOym2Fg
.myjoyonline.com/ Name: cto_bundle
Value: cnQb7V8xeElmUjYlMkJ4TU5CdzB3cFl0dTNEclZXJTJCMnVQcFRsMUMyJTJGMkNxSXJVdjl6RUxURXZFZW5MYzlkS1dPNlVMakd2OEQlMkIlMkZPS1Z0aGh3N0NpVnU5ZU11TEx1MDJ4Y1NtMWxoMHp1bEJIVjE1JTJGOHFodXRidEFuejU4TnRnNDlycnlzTnZGQnBXRm1SbXpQQUcyNG0zWnlLY0ElM0QlM0Q
.doubleclick.net/ Name: DSID
Value: NO_DATA
.myjoyonline.com/ Name: __gads
Value: ID=9665c659d3fdb0d7-22c37d725cdb00a2:T=1674480125:RT=1674480128:S=ALNI_MZA9G3AApxCPoYDH5chm8LeI_w6qA
.quantserve.com/ Name: d
Value: ED8BCQGPKIEA
.quantserve.com/ Name: mc
Value: 63ce8a02-489b2-66796-4b68e
.adfarm1.adition.com/ Name: UserID1
Value: 7191837396163557519
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2293854593-4085-431E-A173-89A72723E67F%22%7D
.casalemedia.com/ Name: CMID
Value: Y86KAv9GIrpLkSQleuCmOAAA
.casalemedia.com/ Name: CMPS
Value: 1165
.casalemedia.com/ Name: CMPRO
Value: 1165
.mathtag.com/ Name: uuid
Value: d2f363ce-8a02-4800-99a8-c58a47d84301
.mathtag.com/ Name: mt_mop
Value: 4:1674480130
.lijit.com/ Name: ljt_reader
Value: GCNirGZHj33VmJ02S3urdZ1g
.blismedia.com/ Name: b
Value: 63CE8A020A64EAA28C5250BFBLIS
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.adnxs.com/ Name: uuid2
Value: 7109016139571410794
.myjoyonline.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_68tYZtTZDar2pJ1nR-XspivHXkbIou1F7GzOSr9Jz1lwFKfpdLF8q_a7syt7AkZZ21HClTd5gxMvzaYRWWkiZx5izupOevTEYVWciXjkWENijq9I45W7fywQ-uxNaDLMN68B-AMfFVAhtNfI2m0YtTNzTgw%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y86KAgABlI7OvwA_
.media.net/ Name: visitor-id
Value: 3174817308397332000V10
.media.net/ Name: data-g
Value: CAESEFALKgD_ZwT2FX-UzFPRVAQ~~3
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2C2828BD-1B7B-405A-B87E-D243767503C8
.360yield.com/ Name: tuuid_lu
Value: 1674480130
.adform.net/ Name: uid
Value: 596705363706789764
.360yield.com/ Name: tuuid
Value: 42845bf6-c6eb-4b2d-a0f7-71834a900057
.bidswitch.net/ Name: tuuid
Value: 21ea60f5-e51d-4ad4-a862-ed671bd30d03
.bidswitch.net/ Name: c
Value: 1674480130
.bidswitch.net/ Name: tuuid_lu
Value: 1674480130
.yahoo.com/ Name: A3
Value: d=AQABBAKKzmMCEC9plsfMKIcR7l5HKutmKVcFEgEBAQHbz2PYYwAAAAAA_eMAAA&S=AQAAAlzlyNyqkI5wLIH0DGstCPQ
.scoota.co/ Name: tuuid
Value: d7b4f2a8-2e85-4eb0-8d3e-a87295cef1f0
.scoota.co/ Name: c
Value: 1674480130
.scoota.co/ Name: tuuid_lu
Value: 1674480130

3 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPJlNQEzuWrxWejNCUrWFf0&google_cver=1&google_push=AavPq0PsKn2xFih2d3-jpNDVD2qHx1GTt_f0KO0sRB3Otrvh_8Op59t0-r-lBc2B8kmkI-4FrWzw8Rmo1YYexYjisOEmXSN5eJ7N2GU
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
javascript warning URL: https://www.myjoyonline.com/crypto-founder-charged-with-700m-financial-crimes/
Message:
The resource https://www.myjoyonline.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
ad.doubleclick.net
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.vuukle.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
c.amazon-adsystem.com
c1.adform.net
cb27746bdba170b9f16ca85336e10220.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.prod.uidapi.com
cdn.vuukle.com
cm.g.doubleclick.net
cms.quantserve.com
cs.media.net
csi.gstatic.com
dsp.adfarm1.adition.com
esp.rtbhouse.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
id.a-mx.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
log.outbrainimg.com
mab.chartbeat.com
match.360yield.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
mug.criteo.com
mv.outbrain.com
oa.openxcdn.net
oajs.openx.net
odb.outbrain.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
player-files.remixd.com
pr-bh.ybp.yahoo.com
pubcast-files.remixd.com
publish.vuukle.com
r.scoota.co
r1---sn-5hnednsz.c.2mdn.net
region1.google-analytics.com
rock.defybrick.com
s.ad.smaato.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.chartbeat.com
static.criteo.net
sync-tm.everesttech.net
sync.mathtag.com
tags.crwdcntrl.net
tags.remixd.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
tr.blismedia.com
use.fontawesome.com
vuukle.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.myjoyonline.com
x.bidswitch.net
googlecm.hit.gemius.pl
104.196.130.246
108.138.4.150
13.32.105.95
142.250.180.230
142.250.181.226
146.75.118.132
151.101.2.49
162.19.138.119
162.19.138.120
172.64.154.237
176.34.141.217
178.250.2.146
18.66.15.115
18.66.97.8
185.29.134.244
185.64.189.115
2001:41d0:701:1000::96f
2001:4860:4802:32::36
23.203.124.21
23.203.125.156
23.48.1.62
2404:6800:4003:c05::5e
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:2057:ea00:a:e047:752:5701
2600:9000:211a:9200:1b:5138:8a40:93a1
2600:9000:223c:dc00:18:1fcd:351:7bc1
2600:9000:223e:4600:1a:ba5c:3900:93a1
2600:9000:2240:d200:1:a3fa:7cc0:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:3ca8
2606:4700:10::6816:3da8
2606:4700::6810:5914
2606:4700::6812:106b
2606:4700:e2::ac40:840f
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:802::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2006
2a00:1450:4001:812::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2004
2a00:1450:400d:802::2002
2a00:1450:400d:806::2002
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2001
2a00:1450:400e:11::6
2a02:2638:1::13
2a02:2638:1::3
2a04:4e42:600::714
2a05:d018:d29:3601:d295:c4e8:8fc9:991a
2a06:98c1:3120::3
3.64.156.82
34.102.146.192
34.120.135.53
34.254.104.103
34.96.105.8
34.96.70.87
35.190.0.66
35.190.38.143
35.190.39.111
35.244.159.8
37.157.3.20
37.252.171.85
44.195.176.242
52.223.40.198
52.30.109.223
64.233.184.154
70.42.32.31
72.251.249.9
85.114.159.118
01257797f7aa4ded30d131f49c0722369205e5079938567bb5dd6a07fe83e94d
018326e7d55a2b60f35e0bcf4b00708cf66e6f25bc4fba2ac37c444b518f7286
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
02c2d41188e6fa43df6a6e273453b280775270f1db9199e770fa4d1ab8d73813
02e35fe3331082c58fac80f0b6fe2b319bbb6643d02d283f7a27985c02d16def
02facac25a9b9aa870afbce0a2ecc154628feaba4da736208340e7335b775f30
0442e583ad9a6d123e1e573251e6a59cc28e49dbb9a9fb7b6d22e2d206ba47e7
048fb40b03a8e15295b8fb66a5c01f605ff45de3be704cb609da98332f18f367
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0818ee22fedf28616433a9cc3acf32a81e826df3315bd538f9a2d1b20d55a667
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bca4238f408dc08f0135616a2fefa2f9db2a40f387062b4c73c93fe7bd43719
0cc7088b335b30f7b1fa0903bc8aa143b11cb8408032d62d28d5ab768cc68c88
0d4c7fd1d5fdd062669013eeee3b1322b8d5582bf1d731ab80a2c062261149b6
0e03a20d6832e6408f2a260d8ab5d3621d9ea64252e3a27cfe451be34064d23c
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
0fc4be8b0e578bb98b93d13fe8234e936639e1adcfefd8d3123fd645ec344ca2
114c9b122b1fbf279d80b35358b673fc4e3dceb0b79f4601a12d9f753ffabd99
13e2b5e5c58a7a8cb3b129ecaa13d328281bde70bdf8c19b5cd49b153674aa89
15f596dab746d15017962ccc0c8e366a1c4ef352da52f424a5e335d86745a19a
16c9afb6ed90fb117a2f1f162e5d2db74efddb6e71d75bdf2009c176ead53cdd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c1cddb939e020253a96a4d082306be234da29c5068e7401ccd2b1607bce548
19010c36352a100187dbd35498557c5bd23404d659bf471d2baa1f4f6d6c8e92
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1aae6af796749b4e50dfb211439d3bad2c858ac0e744908cbf969d0281f6c6a3
1acf66d71a58cce9c392b41311d0b1a72298ebf1cd1f0712ec5555e431935da5
1adf2bf874479961970a4306772735d4d8251a02ddda3fd01f952c703ea1273a
1b5a2bb689f35dee671ce481c1a4eef5ca841fbffe7cad9c6518862d174054eb
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e5f11b04ecabb3a1cd571f83991c1a54fb7533964fafbafb77cd2ab80f72200
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2025312d980e2ac3f2eda70fdff05019589061193000e24f0ae8c50754b63b5a
2085f087c46cc880637f3db18d9ff84e0456fc2f8a4a4633a7939d0564621cca
21a924ac651ba65e51a5c9b5ae4b51453eb9b957d5990001a85960df95603d13
2263589ed89b297a57ab885c817e8c13cb0d3d36a581314298a39aafe2369c88
2284efff0f131f90c8371699557b94ee147730ea6e7b9f9dc473041fb45ecbc4
23aa272969efe7620a7945e78d0de698004ec06b8882fb500cfacac8a6d76810
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28d276bc894cfd3cbf6bcb2c8245d566227df7e5f828932b935b715bfad0c17b
295841dcb3717c382240924d7ce2faf520db231dc63bb4c57f13d2883e12eb90
29df7fd6da53951538dc5574ee2fe9c88b153ab07cc021935c79f240cc92e232
2c7a2f8718a894f838b62a497f94eee6e1bc0156012ea6a4a1e48520010895b2
2dbe5bdc0102e824f9f2a8b804a696f4b9b68459ed1a4f15516ff90d78c5f6fc
2dd050c99336bc560137e02ce87de80b8d105cc0ee0543f99272af36c30f27d5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2efa73a622b8782e93c6c2d2e8104860cfa688382f2fb00520c0ad32794cc199
2f47a168c119b80b9e37a9c4a111613a12a9421de72b76c6a3c619938c90b892
2f7f82329b522fa8cf2c5d82870970abd10cbc80097a5083d8e523a1d2d6b6f9
2fc0cea6c16f357f8746d85bedf59c0929f559a2224af3739d9b38641c00dfff
3062de421ab0dcb3f282bbbda8049e7aa250ef25eff9a9683e36c3108ee93d24
306ca3d9ad2199935025f75ce63e91d1dbfb943dce0209fecffb85b5fb1d85b9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316848fd6864eac58855efabad3212d893c4a500088863360c9fa1aa5b51a5db
31df1daeccab428602da1dd8051150c56f19eadd86ffa37db4cb0db1eb0941a7
339c431dbbfcf7b370b678aee1588f0543c767da987e8af97f5df6b907cfcf76
347d077a1c34270efa6d6f8ef73ebc1fede681e42cff5cc392a88f573bb3b4eb
34e9183eb598c83892c0f4aa5de27874e7a070fff75ff5f4870a6d7e3c026961
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37b9a627674745ecd071e8ec6c13a61a868d34579812be5ccfb4ede29f863396
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3bc8335d5923441bd343530244d911522aca7019631c749ceeac96370d4ceaa0
3c46b18a1ccba221be436881e1649ef1bfd1e656184fcd535e84bc77c77e8e5d
3db49d4f1467e70f1e51314336439550ec6678f9cf932d56bc37d7b816999df8
3e65e514deb1b2440cd10ac345a073a959cdd4d713889c9abe03bd4b67af56d3
3fc838e727e61e0527c90ca35a033aab703e75e9c6d04046702210d6bd18745e
417243696703ca6611fd5dd126cb363fec95fd2246247d44cba683d956f9ba67
424667d975a118bb9478909613f672965cb7a9459d5fe296a87548a8c21772b9
43ea858dc40003ac8d46371ae15982f7c73c789baf54845c0b46f537eea5335e
442f149347e0cc694a8fa36e3627b1dbd3ecfb37896331001280d4bed933da82
44b34578989a08119535b5c54623cab8c70a3ed38106e766784108ea3bd06949
44e61cc406c936f5800d26fef8f75795624a8b2855929034b9cfb6cab6790a8e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48041bcb6dafadb3ecb47aacfec7f5e0e43262f9c6046c28460a38c51caeb8c0
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49136a69959cf3fcbe625d01b4b1f6e9d08b3eaa58ff230d5f91f5e9bff21e8f
49e275caaee055806019f4c243af3f7be40d7b779ca9ab0fc29f72828c2e2a1c
4a412e9de773da78d40a223d25335fba0715c57771f69443827c9e7011db91bc
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ac327135346c0884a1d57517753fa13943c8de02e1cc11ca8e470ae65a47a47
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df
4ef93d501cce74569911272792bf7836af546536d914ca1b87de59e4aecf63ac
506232725b472834278e60634b4137a0358256051a6fb7f6f03582964e756de9
5390e9facc0ddb3ebb2236c1c797ba47be28e4173b948f172d133e4f8ce5748e
53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
5941bbcfc82fe73f86b9ae9564a319e9b39ece69f05473f767b85df011a208d7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a2b39fd81d9e5dfa7cd19122d29aae241c7dbab8e178b7e87640d27557085d1
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5af49e8a4b70e3c46dab9564cd55efc07ddbe8247e1bf8646d6b1c79f5e2b211
5ba3de99116648e15b945f844918e44b4c409a558d28e20119538bea2eab41c5
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5fb9344bf86f85a31d606c8c79ea79eadc775287a9f104756c48833b0b7b10b7
6085e820b16a7d47586e305352bad56a4597d073ecf6ea2961c093ca3cb63fd6
6121ef92638698a1efef6a524096e9bccc61a28b72f28695f50a2aa7369f4ac1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
6428478a8cb8f9ac67a4dfad6358b39d3e6803467bb4fe2c0006cc3e55d8455c
643e8f1ab15544438a2b3e78f309c24ea1703590eb2f194b2316181fe067ce7a
64717556df2e07ac4f05802eb53909e17db19b8e174dd6dce31347477e1ca854
650da9e6f05c29b40c5cf21e4ce0a863c81e6ea5234b23f4d9b93b51dc6cfc56
6512d30c6c193f381db289292adfa044a6d33b0196db5303fc74bf3aa579f481
65c9043c2813ed372e81cf54ce9b7008a347a658acdf6873c313aa7a3be96a0a
6713389ea14cc05e4e8cb02088d80e6eca8bf94c9528b5e43fe3bd5011b5df4a
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6866867696a98b0736707a8c2541821b7af25be5276ca8ac9de96025287e6183
690c2fc0be786a85a8332ef36dfa1c2dec2d8ad81abb21baaac54f030e2a75d4
69dde83cac1a0faeaebb0fe5b2bba4e2027eb337be8ca2d76b506e92cc03c856
6b759c4ab19d3efbd9690a76f96a8905734e104aaa98104f91c3fd3cfa0b154d
6ed67d00b03ac454d09fe8823fd48765227f93e6b8a8a5e47a7ee6001f090ce8
6efad1e6bd5fdd0ba9e23498896aa5b19bee073f1a880b427260e4bac3658b94
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6fb787f393b2686b259555ee26fb1def728fb0a603fbe4b8509dd5af0b6912eb
71c602a16b78bbeaacfe42eb8aa44decc029af0b2354c51e48006e0cd49aeb0c
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
7554638629f44ea08820074cbdce3e340089e8e3e619f3f9f5f501fd77e38dc3
78c4232b7d03656196bcd8466b06ce1f0b7e1f99796bc5126008e72593152c9f
79b650003f7c3ecf029f8ee7ec2f18aeeda579c0c2f3fc47ec54804b50d81a7c
7b2a799b6550ce9540544ad8167eb69afca6b4478a996146262f63e077bc3d55
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7b61872e07305758cb7bf21357aeaab35780b822cae04234b45d04ee6e2e4ae9
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7e2d0edad81d1e80cf1281c0bfd22761d1af8e9e7fe72bf0026ced4326cc94f1
7e61b98cfd48dd5fda2b67045ebc64812e2125be27b1b8f699672567ae2d9ed3
7ea9327b36f8ea3355ad8a33cf7bd5735cbf2e11ed96744279181a0fedd2401e
7f5d73c848836745a93ff7aa540a8f83f9899e3668628f42e9ba0cc6ef5e0b32
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ff1fd08b88f47dbb00f5a47a4686025700574019e591f2237a4b1a64a78aeb6
81cc7fd7df22e0e62e9fe6cc340361b2287a93752604e162440708e12712e39f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836e3799af3ff01423838e23f10986a839509db5bd96ba941676b9102ffd42f1
859a5565dd1dafd059d03416d2baf3ba77e068daa6eb4d6bae555d389c8a36bd
8651a1012bb35c2683162251b75438c3710bb12cf07288ef9322c271c44826af
87a26ed5fd2ef06513a60d162c6d4f0ddf062686222533f7321794343f0b5da0
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
8893201d22f593c535d23bc413757040c3c12bc17e54ac4aa8a8a386c9ef8f29
8b00a4d6db9c00ec418a673405c9c3fcafa42fd838b2d94e1f594e0f8022a8fd
8c082bece010e3d7fb4120f165a47bb64f589a22abcef2935485c58eb544f246
8ca8a4feeb61ae9e7c5b6dc7a7918cf9c214c601be52f73231bb20cec8861c00
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8add0c0316a42e776f9ceb5d9b6af087ae2e99f8474d45456e44aaff268597
8f18c40a3fd1a75d239b3598c66016b18faa6b559aafccc5aba1870fef6fb146
8f7d41310435064aa15d0620251c2a473a016576e68136531c0a7e959b621bf4
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
933ecb1b27c4bc8c1890e2b98a1543407a563e72e4bb02d1a6602bf6f194e4aa
93465d6013f42c5d76159e93fc759ac3ae5e61bf3dc722b31b691509adcce35e
93cb5925a330630f84012b5d56afe97a04dfed609ccf3c73203ef570624ce821
9550654409f5e615f24c4f16d0323ac364e0ff1072f20eb18da70f146d53547c
95b3452ac86e83ba6a6beb3fb8541ba6611eed09ade37fa630d1a936129edebc
96d32b81e5b0ef35f87ce1153d4ba9f8047c873f66f4f28b2c5a05c009794ec3
97fd90ef746f6ef3dd8fca95e7876067f0886e31fa657470635fdeb136845ee1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a3d1f5824ad4bd991a67acab64088920e43d25545ca6b4cb78736dc35b696a3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9bfe7ab04384a675f2c6e493fb40e3b6ad557b20ec30b5738db4f52c2dd89665
9c30ebef8622781f744afe92f1d1cc8678eede9f0dc43a2abdfb351474659f12
9d17a78f4d9779ae7353e2f0eb56d6d3b57eaf1bc2d3e4beb482ae693b00b37b
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650
a29cf168c7fed359190bde8541bc52ce4d3713e72b482a65ee882dce6a225374
a45d82b764c0bdfe0ee98ccb12cdfa22b69d049b3d6e4cb925b92722cc611263
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6a63c56ef9afea0434a45aea5b17b3bd9731bfd2f1aa98bd588d481345fe0e6
a6b14f19ff1b6305699bc9e066c2b354a7b4c9c538098baa40bbd27075c1a4f7
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a8dabbe9a72646731da94581f6de8704d4a020deb7a456aa868583d2020385c4
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
ad934ad20c1854d2f78f9a30bd38d90cf32336d953f2fa31b510ebe954c435ca
addec199fcf7a538b4b38ab5464ee3c8f69c0af9bbd0485943029382338ace12
b14b907fe270bf246c22573b3d013b17ad3414dd60718c152dfa6f872d62bc51
b1fa693d2cd4a5db2635ceb147f1aa0b5d4d75691c093bd8848e1e4a7b8449e9
b38e47a0754cf33284eff286bd4a4b4e42bb75a1acebd2dd5a7589ca1d952ab5
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
ba3584761276f82a3dd827aa73faefcdad890c7472fdc47552af746cfe8a4198
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be9012b0360c89cf45f6469fa51b491796f4fd5564b93c2c24256451f9db1310
c0916f65ed64f655a33783c1340f634d26cd954009c0fbf5162784e68c529c33
c35829b27cab8baa43d3fcab2264640c80df89151eee9391708049c39ddd368c
c515abea3632e11f7febff0522cfc2632cbbe1d4aacc03a455571ee6d6e68e52
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
c7b1e6ee879f585d048b6605c5044e1b2ff00fbc1d3987de6fc169eccab8a804
c93dc84049ced06257c79f0b114862380a1964936f843f7c962076b4e107d58c
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
ca6c16c6013cfe412256750240a45fca92436f20394d5a931b5925431467e4e5
cb124e502b5c41e197d70daf1372272b4f6c7ebe8ce427f6921db3345b0eaeae
cbec7579d8c2963f13b8ef90847bef861b534371bfd2dab99ebb09ff1528b0e9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfafe4c3dcd23c4839203bb5086f29ea67e5a0e29ac159fe5776817073d064ba
cfcf65d9367265634451d5ea043d0f33e1fef98d8595a7e86085dde04b392cab
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d32658fc01cb3bf428d18cf7912eb29f7f6e2902674775c65c9411f6cb2e9e57
d43d17e090174065f5ddea2c246df2786d72606f1717b49046f013adc1701ee2
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
d6e787517953114e08766e46d5941979cd8d599478ccf48ebb400bd3752aee14
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8f733e621286286772203c45042667f0f07153cf35044f2778bc52a60926078
da18ca5c0fcbb13b7cbcc303389199c34093913017249f2a8ba9a2f27049890a
dbdbd5e3aec40a38eb3508b3ff8e1b2478e00c515108f4a46402db08c72f8445
dcfd81c9426baeb3821d227a40cd765d3df097fbb0df64913f7bdd414bf4a3a4
e0e017de0b96508b616df4a4f200585fee7df1100ebfcf06a2d77acbf63b81bf
e27baa66e35f5d5adc061e7e1dde7ecc416a7ae08a15b8e0c6f36e7a2557e5a7
e32b7c077a545e3ea7f97d38d5246474178e97c2bf99919960c7a92609aa506e
e35bc74cf7e4af128e2bb83ed004693fd139abbb97c13f4b86b763802627965c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e527ed2aef39f2b9e64ae9ba09929961f15d93e35c16dcee8759f55214a982a4
e59d3cc476240f7149f0e89f45fe8a0d9c2271a9d4c3d1e4eb112269a7b4292a
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
e5ec9d53f8d82f9d59a8e9157c213b7b9cf49ef83d6e068e22f63238f195aa15
ea19606333339c1f788ee53fde82a94ed6d164673abe2e5939fd3aa081ab53eb
eaa653af5e2a278672661f05d1af722339924fc64dc6d314f85a644e1d3e52a1
eb62c6d71dc6f167d5af0be1f0797652b5f318f0d2d15c7aa0291b6553e3a048
eba6aa12aa6e1e2f52a99e1ccd97e4d682c1669a51ea7464bb697c7d97d9716f
ed5b49fd22e45cda66721a93e279a4e5833c72f7097352a444a785d922f13190
ee0358b12d512e90cd120c27f96a4ff913c23c5a4f810ea5f9258ce03dadfac4
ee54185d227b97546b9516a4930f7e72a810488ab8bf9c9ba7f897a782bd0437
eeb399f1789ed52132e5a180555cc0e24bf966b03cd0e97792bae7c637e4e229
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5347c4105095bfd7a60d36cebf6326aa7be3c361650fb65db295b6062389ba7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f809897f96b55f10da7d6f752fcfd2a818611c9dc60e35e4c62789c3a2b958d5
f9d0696d92d7edf43076ee89d8084a9389c728b94a31bfee4c7305dde4bd57e0
fb63ea01905ce48550a69f026781efea4d406b3b0e99be21e1609f4c96bc09d1
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
fd3b62f1c4f188c40237a6234ce56981efaa64c22eea9c462aa57fd7d1bf8829
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48