urlscan.io logo urlscan.io
SecurityTrails logo

www.farfeshplus.online Open in urlscan Pro
185.18.205.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www2.farfesh.com/
Effective URL: https://www.farfeshplus.online/FP58.asp
Submission: On August 10 via manual from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 8 countries across 40 domains to perform 577 HTTP transactions. The main IP is 185.18.205.182, located in Gan Yavne, Israel and belongs to INTERHOST, IL. The main domain is www.farfeshplus.online.
TLS certificate: Issued by R3 on July 27th 2022. Valid for: 3 months.
This is the only time www.farfeshplus.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 72 185.18.205.182 61102 (INTERHOST)
50 2a00:1450:400... 15169 (GOOGLE)
19 2606:4700::68... 13335 (CLOUDFLAR...)
3 205.185.216.10 20446 (STACKPATH...)
18 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
13 2a00:1450:400... 15169 (GOOGLE)
7 185.18.205.174 61102 (INTERHOST)
47 2a00:1450:400... 15169 (GOOGLE)
7 52.222.209.55 16509 (AMAZON-02)
1 108.138.17.30 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 13.32.121.55 16509 (AMAZON-02)
1 18.119.62.241 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 45.133.44.4 7018 (ATT-INTER...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
165 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2 52.94.222.140 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
8 22 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.116 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 141.95.98.68 16276 (OVH)
9 19 142.250.186.162 15169 (GOOGLE)
5 11 104.18.19.126 13335 (CLOUDFLAR...)
4 7 185.89.210.90 29990 (ASN-APPNEX)
1 2 52.18.251.16 16509 (AMAZON-02)
41 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
2 2607:f8b0:402... 15169 (GOOGLE)
1 66.102.1.155 15169 (GOOGLE)
7 172.217.16.130 15169 (GOOGLE)
1 165.227.238.198 14061 (DIGITALOC...)
5 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:249... 16509 (AMAZON-02)
5 104.244.36.20 7415 (ADSAFE-1)
1 2.18.232.99 16625 (AKAMAI-AS)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 52.57.93.199 16509 (AMAZON-02)
1 35.227.252.103 15169 (GOOGLE)
1 198.47.127.19 62713 (AS-PUBMATIC)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 1 185.29.134.244 30419 (MEDIAMATH...)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 3.33.220.150 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
577 55
72    185.18.205.182 (Gan Yavne, Israel)

ASN61102 (INTERHOST, IL)
PTR: 182.205.interhost.co.il
www2.farfesh.com
www.farfeshplus.online
50    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
19    2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
3    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
jscdn.greeter.me
cdn.flashtalking.com
18    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
13    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    185.18.205.174 (Gan Yavne, Israel)

ASN61102 (INTERHOST, IL)
PTR: 174.205.interhost.co.il
images.farfeshplus.online
47    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
7    52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    108.138.17.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-30.fra56.r.cloudfront.net
certify-js.alexametrics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
7    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
1    13.32.121.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-55.fra60.r.cloudfront.net
certify.alexametrics.com
1    18.119.62.241 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-119-62-241.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.aplhb.adipolo.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
adipolo.com
7    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
165    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
web.facebook.com
22    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    2a00:1450:400e:810::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu
id5-sync.com
19    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
11    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
7    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    52.18.251.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-251-16.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
41    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
25    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2607:f8b0:4023::78 (Clarksville, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net
bid.g.doubleclick.net
7    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
googleads4.g.doubleclick.net
1    165.227.238.198 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
vast.doubleverify.com
5    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2600:9000:2491:5400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
5    104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com
dt.adsafeprotected.com
1    2.18.232.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-99.deploy.static.akamaitechnologies.com
secure.flashtalking.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    52.57.93.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-93-199.eu-central-1.compute.amazonaws.com
d.agkn.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a05:d018:d29:3602:ab6e:8189:a819:79f3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
Apex Domain
Subdomains		 Transfer
222 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
2 MB
88 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
bid.g.doubleclick.net — Cisco Umbrella Rank: 473
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
865 KB
77 farfeshplus.online
www.farfeshplus.online
images.farfeshplus.online
2 MB
41 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 289
568 KB
26 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
2 KB
25 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 374
506 KB
19 demand.supply
live.demand.supply — Cisco Umbrella Rank: 35573
41 KB
13 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
545 KB
11 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 801
static.adsafeprotected.com — Cisco Umbrella Rank: 594
dt.adsafeprotected.com — Cisco Umbrella Rank: 538
113 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
10 KB
10 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 267
fonts.googleapis.com — Cisco Umbrella Rank: 67
imasdk.googleapis.com — Cisco Umbrella Rank: 448
151 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264
48 KB
8 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
107 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
7 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1443
id5-sync.com — Cisco Umbrella Rank: 541
26 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8117
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
region1.google-analytics.com — Cisco Umbrella Rank: 2742
20 KB
3 adipolo.com
player.aplhb.adipolo.com — Cisco Umbrella Rank: 194811
adipolo.com — Cisco Umbrella Rank: 122484
8 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
185 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 804
s.tribalfusion.com — Cisco Umbrella Rank: 2199
1 KB
2 flashtalking.com
secure.flashtalking.com — Cisco Umbrella Rank: 2023
cdn.flashtalking.com — Cisco Umbrella Rank: 913
2 MB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
web.facebook.com — Cisco Umbrella Rank: 239
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
87 KB
2 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 9053
certify.alexametrics.com — Cisco Umbrella Rank: 5001
5 KB
2 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 201180
16 KB
2 farfesh.com
www2.farfesh.com
264 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
1 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 381
265 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 484
864 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1388
296 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
456 B
1 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 636
166 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1516
350 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 568
758 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1083
463 B
1 doubleverify.com
vast.doubleverify.com — Cisco Umbrella Rank: 2044
4 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1685
336 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
419 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
82 KB
577 40
Domain Requested by
165 tpc.googlesyndication.com googleads.g.doubleclick.net
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
www.farfeshplus.online
tpc.googlesyndication.com
cdn.ampproject.org
imasdk.googleapis.com
pagead2.googlesyndication.com
s0.2mdn.net
70 www.farfeshplus.online 1 redirects www.farfeshplus.online
50 pagead2.googlesyndication.com www.farfeshplus.online
pagead2.googlesyndication.com
googleads.g.doubleclick.net
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
44 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.farfeshplus.online
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
41 s0.2mdn.net www.farfeshplus.online
s0.2mdn.net
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
25 cdn.ampproject.org googleads.g.doubleclick.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
22 www.google.com 8 redirects googleads.g.doubleclick.net
www.farfeshplus.online
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
tpc.googlesyndication.com
19 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
19 live.demand.supply www.farfeshplus.online
live.demand.supply
client
17 securepubads.g.doubleclick.net www.farfeshplus.online
www.googletagservices.com
securepubads.g.doubleclick.net
13 www.googletagservices.com www.farfeshplus.online
googleads.g.doubleclick.net
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
7 googleads4.g.doubleclick.net www.farfeshplus.online
7 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
7 fonts.googleapis.com googleads.g.doubleclick.net
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 c.amazon-adsystem.com live.demand.supply
c.amazon-adsystem.com
7 images.farfeshplus.online www.farfeshplus.online
5 dt.adsafeprotected.com googleads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
4 static.adsafeprotected.com googleads.g.doubleclick.net
srcdoc
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 www.googletagmanager.com www.farfeshplus.online
www.googletagmanager.com
2 csi.gstatic.com imasdk.googleapis.com
2 fw.adsafeprotected.com 1 redirects www.farfeshplus.online
2 id5-sync.com cdn.id5-sync.com
2 imasdk.googleapis.com 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
2 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 player.aplhb.adipolo.com jscdn.greeter.me
2 cdn.id5-sync.com www.farfeshplus.online
securepubads.g.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.farfeshplus.online
connect.facebook.net
2 jscdn.greeter.me www.farfeshplus.online
2 www2.farfesh.com 2 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 match.adsrvr.org 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 sync.mathtag.com 1 redirects
1 ag.innovid.com googleads.g.doubleclick.net
1 ssum-sec.casalemedia.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 image6.pubmatic.com googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 cdn.flashtalking.com www.farfeshplus.online
1 secure.flashtalking.com www.farfeshplus.online
1 vast.doubleverify.com imasdk.googleapis.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 web.facebook.com connect.facebook.net
1 www.facebook.com connect.facebook.net
1 www.gstatic.com googleads.g.doubleclick.net
1 adipolo.com www.farfeshplus.online
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.farfeshplus.online
1 certify.alexametrics.com www.farfeshplus.online
1 partner.googleadservices.com pagead2.googlesyndication.com
1 certify-js.alexametrics.com www.farfeshplus.online
1 code.jquery.com www.farfeshplus.online
1 ajax.googleapis.com www.farfeshplus.online
577 63

This site contains links to these domains. Also see Links.

Domain
twitter.com
sulvo.com
Subject Issuer Validity Valid
www.farfeshplus.online
R3		 2022-07-27 -
2022-10-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2022-03-21 -
2023-03-21		 a year crt.sh
greeter.me
E1		 2022-07-19 -
2022-10-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
images.farfeshplus.online
R3		 2022-07-29 -
2022-10-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2022-05-30 -
2023-06-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-19 -
2022-08-17		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
certify.alexametrics.com
Amazon		 2022-05-30 -
2023-06-28		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
player.aplhb.adipolo.com
R3		 2022-07-19 -
2022-10-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
vast.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-06-13 -
2023-07-15		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.adsafeprotected.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-18 -
2023-06-18		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-20 -
2023-05-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 64 frames:

Primary Page: https://www.farfeshplus.online/FP58.asp
Frame ID: 633217EDB696A93A4C3360D1EB8C3BF3
Requests: 160 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/zrt_lookup.html
Frame ID: 9D2A200C413D31944F69C80A81E0C281
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&adk=1812271804&adf=3025194257&lmt=1660112923&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922918&bpp=11&bdt=581&idt=175&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=190
Frame ID: 29930F1C87CE4FF68F9D470514627B25
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922943&bpp=1&bdt=606&idt=213&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=25RoGZ341m&p=https%3A//www.farfeshplus.online&dtd=219
Frame ID: 2ED7CD52515C288D1372B3CB85B7A6CB
Requests: 9 HTTP requests in this frame

Frame: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E27E39D70C59C8ECEBF307BA303F4C9F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=3827245123&adk=203976336&adf=54630664&pi=t.ma~as.3827245123&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922944&bpp=1&bdt=607&idt=331&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IHvfmFgPD1&p=https%3A//www.farfeshplus.online&dtd=333
Frame ID: 3A55DD4D767071BECBAF49FA5E95234F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Frame ID: A0FD7C8331D0FD468BEF8CE182E8AC0A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Frame ID: 25031B991E9608A355CE3D392373E451
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Frame ID: D25A7576C062B424B3C193665E3B6E7C
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Frame ID: BEED604DBA1F84FAA5BEB66DD9CF5F8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Frame ID: 20D54635004A627A86C4762F2199CB2B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Frame ID: 5885B18F4781CBB60EA5161ED581E0B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Frame ID: 3EEBC0253DDA056837FCAEB6665E66FE
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Frame ID: 490708A5EAD5160878EDD721BD0FFD56
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Frame ID: 08DE2F07E30F5388E582650FF73D46F9
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_n-Outbrain&dcc=t
Frame ID: AD31040A16FFBC27365B98D9B704CCBA
Requests: 1 HTTP requests in this frame

Frame: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 46762D4FE6837CD242A739FF08755E28
Requests: 3 HTTP requests in this frame

Frame: https://web.facebook.com/plugins/like.php?action=like&app_id=382287608570983&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df21dfa9d84cc45%26domain%3Dwww.farfeshplus.online%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.farfeshplus.online%252Ff1d88958d5c0b6%26relation%3Dparent.parent&container_width=100&href=https%3A%2F%2Fwww.farfeshplus.online%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=50
Frame ID: 9F37596DDE3A7DB3D12DAE049D650A81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnuqZyAEwAQ&v=APEucNUA8I-ucbuj_c-cMUecQshzd_x5PfnY_Dlw6cSOhko9cz5HQmrst7uQbmYBSsEsV-_pSfzCTsaRKc46PNcuhxAa_QCpTw9n6Nj8l6sm-0RQLNWXfQg0eyaUEORbFCox4jIvUKSUwB14AqlRFVpC24BW34kwZFIuujlTy8HaNOljpbJKpD4
Frame ID: 402A3138AB658783F9622098B0F79462
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Frame ID: 496C8399D29D6583C06F9C597ECCA198
Requests: 13 HTTP requests in this frame

Frame: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 83BB2279693CD98C25686D0A89ACE84C
Requests: 8 HTTP requests in this frame

Frame: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1707ECE67631CEF35FAE4755ABCA905C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Frame ID: D5E3DBB70B2E45D6D9F992A353482CDE
Requests: 1 HTTP requests in this frame

Frame: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3B044E05B6466C4D97D2BD332917ACB2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Frame ID: A24012741C3730B881182008BE2BD83B
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: C60078E4287C29F4EC443315D203EC79
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Frame ID: D5986C699EDA4EFF566B42A7DACFC0E1
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNWI5IDkLHloyMINOUrYCuaYVOBXXWj4JdoUVDTDP61bqlATf82Tpk57BaAwkMYraE0lxW4n6POeqWU2Ev5sdyY_iTcbR5CKULRIIK9rYpIJVHxURmt_X9utnCi-IKb_f762_Drhy-Ec0GfADsYh5zZN2DnskpbjAg-Kkr6FsOvV1eD9vcs
Frame ID: B8B12EB63ED47BA5D7A5E71365593C35
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNmQwGR2-JpsM2tiQAv31_kixetxy10nCE1d5_88_R5DCk8gY5IBW9JHHUagJ-aAmPASB58YsFlaESeZ_nVC_EArgDcQCnI0mCgId5l2ZAHA1vQcFn8X0rbfUoqznsoIfWEq6M0x2iKQfc-CV76EakH7gG8w&dbm_d=AKAmf-D7WIz9bSOS0bei21bfZT02x8qiylcASUWM_5XPpjxlEC6sMFfZJw5M_GPdMafIm4Dggp5Pf07yOXFe2ksOMlXklQSXpfZIZFgNiAg0N4imSeO-lyIMMtwnQkqEEygoI0fv5CvQ5Mjg9CdoADPesJlXp2pyBSKp9wjbEp6WaILKH7u-z5-2ngg_P8Enaj9ODLT3fnafP9l6ZZYL0dVtQu_ufb9H1bZ_qXfVnCky9PQcaeDorIdqSvh9VdLgXm6YDBV6KsBnmOc9rbLw0c3QyCbJB6RrW2eK8taGlTaHkwlo2cyvyfrSMCiubnFCfZoNsVjHbyJwgyAGl5RDugN-6AeG0NinwZJaqcFW370fgHAvP5pNHxIDOr0ultyFnJ3PMPPafIVdXuvJHljJkvKBYHEg9HPbV_B_0cez2XF6AtttTglEq0nLDG-2F9WBe9pl58plS_6jeghvnsWjaqYVR6IRD_1RASzGdDg5Rm6u-P29v-hD3LRRa3G3M9XBg15yjUPdUYXePBXfQCxBOQRnSP3qAtDiTiaxlcnHVMTrqkxC4qTOWQAAMAy_fk4MQyIRnMdF5twrTQXcMzpa9E8dUyaK9heRC-AyhARNzmjlxMh3N2224N6XMjja3FYbSZwYyhXE38nGAvxD1PMG4OZCbN0rAHM4BU9ignXYWpUMYqvidCA-sIsY_CumClB_sz4wnX_6PoJMPrnpdyM9zQU2pwcqJ4FfGo-iPAw96flrdSqUConyppYKu-6PcXweJrp7CprwO5NPZ1rEjmfN-a9RMSzzBelaW93466q04QSbfRNkEEDMqIuro89R10zbkIlh6XlZr8RXJNn0a4H5yt_nKnTnJPFBC1Mv32aP28qfU1WpvjIL-PB74z5Bi-6c3FoFD65p4oEkJufzC6E4-0WGlJT4mRfzRYIAkANJMefEoOfLuK4q2eBQ7nBtttXzxMoZlj0D3i1Hc9JlR8H2rX25t-4OI4_5QnHwrF9LAzLP9WrZjDS73stjXJlQ0tXptrzu2v5FktKNwXUjNYhV7DAddNu0S_lQZnCnAd9K974UkbUzw5Ci3wqml-fT5NAuGbfRZdEsj6Fd_8O-iZNsIaMUqUyc3Rjj3-7G67Pmi-QlisyfDvp0aU0q9bQxM_xBVnzY4Sa2oGAIwrWbx0GXJ13JG3jhBAcEN-fr7W5M6KRxSw0aoWmzfA7EKfSt9CnMgCgeRKaj_QN3TWaA2ifqeJkFfXnqrlusWx_R8a3AjX7viPOC9TW0FkWGsYUHZpURcZpGWfiq7W69PTRSB70_ctwepnLS3z5Ket5aGiuuNwxh4eCIVZFDU2pIXGuclRO-Fk7oyMxtWkvGhk8tSPVCUxNKTg369bsXdDlk3MGJd92HNOroyGVCs6HsD5DqvdHhTT3GlTc1GMIRczODJPcnGhQ7EDvXJ7QpFkSCdYAQBQhcL2ullHFOUyOVVz0Hee5rDJGHW8Nfi1KyAlOyxM38GzPE9LZ1zB81088wKW67S5D8TTvI1Jfml0hNLxc-X9lvLuK4jdjObrWYDt03RWFkICwlGVn6WXr5JcjMp8YL2aLIpkENM5Q9Z5srwTv9E21C3hnYU43i6Cc2DTlb1CLNToliW001IUcOWwAZq21lemscapMix5_Yf3qEv9TGYCQ41HIa6PHmNxBTPHO-6zOAxSDzkopRTI66j0MvpLOrDjpRS0jMjarM0QwczsQczUv3LIqPuABb5gkoq0uKGsNYMKfbw6RwY2WCalAgjrgwvizGcxrrl0XSQ87A298mMQ3n7hCjADatN1ewTTN-m7AWqS-B7ObBKrMB5DxwBFnpJ3vC-Awhy9TkHAfsJj_5Ug8IJvQXjBfMiNls40Xr7jdiI5520mMdbWFoXHAMbkp9EoOnd1-CBfoNf-UPXxw2G5tp-b9QI_ost3YFiaF3PpWLCZjYRPQPz9Vu6Oi_NLQpwTj-X9tdElLlmPdP_C1lpYILVhlaW2ELok3WraRBsy83QMaRYlCEUozFMCfjpT2ALZbIL3jKDY8mb6xi4NBBGIY40pI5uyUw4mDIRZz3KJMdgfhJNyilTdp1RbmrrOs_0ZUiQn8JQga4t93T2na235F0BmEaels12LJeQe4OVDZ7aZj7ppsEDggSZ0jwwxsVoXUY7No9Rt4BlxYSWss6xeIECqPzDFT1xyDnsBdaugrBF8nbscQhPqJALI5FjmtAvgFN5vqTKtlvx10Dt_HBRFjqupydJThw9DgXPG_3O0x7m8F3aQltWNwVswwEPa4IxdT9dFy2vF8NfIMhOMlitwRHZvMIx0FQuEvaK_3F2nrZPldv9LppLmH9WBQI0JKojAHMgHhCCXweLdAFhwRhJ7yPXTCQV0MSde6LfCse_xIAiOBs5mT69DmeEZUspnkNOIxO7m7Eqzut-mC_P1GoOAyHMr9L7oR2sOu4BboLTpwu14lGa2JRtyexAOPXlO7bKHFE52PuNN6itP8E_rrkUcvkcLa0wbudAR3W4qdQ6cnh9xdX_2UVO2lMQFHBC4wRDCswbnTBIPE5aMoUsm0kVvSp-TzzXj5TDcG7lUSYV1i-w9TkOebMu-b0xgJq5dwktmzY91UiwXJmz5a4giKnQElFPRJKCWTUw2SL9XxT7ruYQ4fp2KFQGYaLXPwaxWrl2W3vrayosxxfRbRWZqe8YSLpUsMJShcSUed0Z4gceKuHraMDfwsNhgI26hWOqfQAMU-dzzdxMyEs2QOI31AhK6aJZMiIqsl-z7J6wUvnFPPVCUbA6Z-0zxykWqzfkDgaA88zI7m4zX6D_radi1_l3IEr28kW-Rg3qh-TDPVLWNdgCiBoX9H6dC0Kggcb00o7-2G3HMCORv_FWwolYljudffWjHOyesgi2vqf-4l2P5v_hRbC8Du4nf056AeRl-74mZpdglSRdyZSOt-I5st54Yh56jRpoxLXcOsNkQxHxzYEDKJ2OT2a_hBV6HSVvcMV6dF5lZ4oDUQjzfgJclYG3RkObhrxA47rGN4sZLDaZHPSrYBn3THqagHOOa4pQTBzGAScToi4fQgz_6wgvEFEAZ7iW5QkhnBEi0IIOE0I0wogIHATtkDlFZArD_aCi2_-oOKV4ClaNRGbtNAz9DFPnEdYvMqqUclUpyyKRWYLuswyQQ3LP68Qr5fiNg_n9QTPr42ZOyUCn9X7iADgdW5_ZG1kbuv8Ecvy1BLKgnH0N-edVPr9-mSjlcpOJBRA9WHhNmmDJMavnfPeY5QCCPpywfNF6Aet2KlixW_7oWghiwh4FDgSeB_T54CrBRapL6U1GcV1sghXF09H3qHAZSBlrczosjuY31C_3wX9nP8rx5XmWRLW50VR-HJlLtguQcPabCOZ3OWfB72AEdIjQGOzwpPi2d2gTt9wPZmeMqgej6ZBuTFToncPsUprwq2iRhcBZL59uT60FP-sZOzqkhmJq3LCwVdWqgK1lzhpc8YuH-W9sYrGmNEvj25Z1OwMleOFaB2mnoaPD15HulKSKzHAXHUGGoOaC00XtBpl&cid=CAASJ-Ro61A8Aq-2obQ-Y50Y1bCwLBdmJU8jpoCxaoOf5UVTFRYv2EjtGQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Frame ID: D33E7E3E203B68E84A3252F308040920
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/index.html
Frame ID: 4D0C809A429C58815A96BD424138E981
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
Frame ID: 6EB10885E18057C956756500EE900D56
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB310B2C8BD5CD549A8B13FF8E0E14E7
Requests: 9 HTTP requests in this frame

Frame: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 708F5E1EBAF1445F39B5355412FC5A3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2CE35B2C180E083A84AEC4E7548FD41B
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: D547D79E858D9E55ECB978B99FD28A97
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Frame ID: AF147F427DB7AFBE2F8BF4BD0441CD08
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1E06E1878E08C87B09CCF4A48FFCF143
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/index.html
Frame ID: 66A39A816D280345DD1F9E4C9F350B5E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CSXPBG1DzYqPLGLmK7AO5rIKgB6360LtrhpOcs4wQ2dkeEAEg7L-QEWCV8p-CsAegAab5g7sByAEJqQIgcRxRqiSxPqgDAcgDSKoEgQJP0AfOg6rZAic77T9iVtZczoRpPwj032K6_Vmy2RRPoJ28ZlmVhEgEF3RjRja38P0Qr7PWkYIo8zEJq0bP9Iw7nrrm49oNgtktAok9Lh8cxU8ed65EGkoFKwKA0DhYsj5qcyQojnNE8mUJx8kldjV8z5XIYoOqPwXy6RtPFGQIGbK9FUYuphdUcE8je15_jLMmi2z13PEh45YsMbbN9qjt4hQGtZxn9IFFBJEMzLBGXMwWHvG4ZCd9FLaTDZxYseQUyPgjDajU6Oj487bkbOW5SR-ZqzbkkypFFkq4i7wEY3NmdAHSbb6CEgpVEbHryV2RQ6yBYD7U1WHUZF5PrR8-TMAE4OHO3aAEkgUECAQYAZIFBAgFGASgBi6AB5PY5iSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRCwrJkF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItMTIzMTY2MTYzMzQ0MDk4MBgA&sigh=BYIQlmrFciI&uach_m=[UACH]&template_id=419
Frame ID: 0590B947B1A957E6DB417DD2D0E1ECBF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3F50D830DEE615CC3C479AEAB548938E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1576807414729870166/Heroal_D_72_970x250_DE.html
Frame ID: BEDEC5AD55299DFAC1583FCEB75D85A4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CtzmcG1DzYu-1HJPhtweZloegBOLP-oZpuvDS2qwNwI23ARABIODi2VZglfKfgrAHoAHVvrKMA8gBCakCG6f7ei8gsT6oAwHIA0iqBPUBT9Dg9aGKqvxUZ_1MnWlF-jQze4MPJxnm9ru5opuHKsCgZb_7rflAQnO5j4JU6cYQLl1kWsr1eIFH64TDSzT5n1w5ZFUqph-NThIx4JnW2WPbSS1nH8o3iga5j2LiByxQkO4a1xHVNewiGawsU-vPyoOTdwvdvoomObDjD1OOUDuyXeFDgZ7cAiUEx0eCqsRtTw2Pgbcgop6kAO5dwz-O2vOB0nEm_CY01ri1KKoePO7d1lI_oCU_4QwL4UhoTGNHLDLyqaZC7kPJIk9I8CkCSau4pWWaQmdHTa0OkeOwUWDNyNf_yXuP2YFfk5r9qfXshiYxuDDABJXj2a7nApIFBAgEGAGSBQQIBRgEoAYugAeTwc1zqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQ--i2AdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTgzNjc3NDk5NTY5MTcwMDYYAA&sigh=mx72pLj6Wqw&uach_m=[UACH]&template_id=419
Frame ID: B783B59D9E006A03923504B9BC00F5F1
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: 4EA5218184DC25E0F7A250452D545697
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9DFF9C6049886F14E87B525330D7FDD4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Frame ID: 51B3D5866EE108AC68D119C30A609B54
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNkXwG1DzYpbrLY6LjuwP2_ep8AOEiZnLa83Ry4GXEI2xluSSMRABIJWbyiFglaqUgqAHoAGyisGqAcgBCakCBKNYBowIqj7gAgCoAwHIA0iqBIcCT9CNxHhsV0CuH1hr_29CFYilnjD0AuuPi9bb7IjjpSirY-MyPnbtAroidZ5gaaMifG7l2vnZYsT9rhHIfGKU5Rdz9_b6gzYGAViyIGIArqJsdQOBP_xyw3NNRKNc3zxdSbFPwlqmmz3h6eN1ywuqVYcJN4TA6rxAc2VEcirzwanexnGQn82YhO4X_8lcxYyJM9XKSzRFAbkozsEIMOuD8-9HiOBpbvZzyOkpJeyrThDg3CSxMkLlRse_bHKTnl1ieyllMrrAJ_ZG-WaJRgDmTjHe9ER2E1L0LsoYvTxBkGzErKGwGh-vf7Q63UQv9BuEdd3vuPM1Kg66hS0pZ1acDBJCyZtm24rABO6Q-POUBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe29b7VAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKeoDdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01NjIwMDcwOTkwMDU3MjgwgAoDyAsB2BMK0BUBmBYBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=lUXuVswxcZo&uach_m=[UACH]&template_id=419
Frame ID: A6333EEE4AF31FF16E3FB03CBFA48B8B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B4048D2DF52FA3BCB637042B5E920752
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html
Frame ID: C7187667FA9E910CCC91A9FB40ECB3DF
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
Frame ID: D493ED35447731C90B0E7E019C0DD492
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 46CD89175F876E853FCC2F3CA65E1F92
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EF6A260E0510607CDFC6AB68EDA8EC64
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 034A84836F067DB501671061ED0BDE13
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: F47252F5158618C675DB23CE46FF6D3D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 94D21D065BC509E64977C2C32D42AF71
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_160x600.js
Frame ID: 4DB6671BC5DEA5C9AB421BB48082BDBC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F537385DD5D168C4F469646C46092E08
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 84E573D0745AC53C76334869D1A66D14
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A8AF5393AD4AED8E05D50546EC0993E4
Requests: 2 HTTP requests in this frame

Frame: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D1579A57FE639C3D7A19A84705331756
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhigve7LATAB&v=APEucNUR4r-R_OKG68BtNkMepju9qhtIk7YZB2a2rwop0Wu9ufkvzPsJrvhB6sSxWuqGnCgBP4DmjT7eYF48F4T9uS8bt_8IQjhsNXGLfgc6RGUGbgCZTCBV8gSJP3oTBVxg7vJckFjiwDdM-583PUw54T9g18M9wBghuK5AaIMcZBAe4TVCFkI
Frame ID: 4AFDA66FAB65E0596EFA5BFDEB916383
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8239358F9FAC7C631CFD6E77F9191740
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
Frame ID: 0EC438D03C504D57E134C2FB33EC3C16
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 901EFEFBB34D52D19AD2287C0BFA7B93
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Frame ID: 8186B9AEB018774555445C4BC5F2D5A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Farfesh.com | موقع فرفش

Page URL History Show full URLs

  1. http://www2.farfesh.com/ HTTP 302
    https://www2.farfesh.com/ HTTP 301
    https://www.farfeshplus.online/ HTTP 301
    https://www.farfeshplus.online/FP58.asp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

577
Requests

97 %
HTTPS

53 %
IPv6

40
Domains

63
Subdomains

55
IPs

8
Countries

8963 kB
Transfer

18498 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www2.farfesh.com/ HTTP 302
    https://www2.farfesh.com/ HTTP 301
    https://www.farfeshplus.online/ HTTP 301
    https://www.farfeshplus.online/FP58.asp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 161
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_n-Outbrain HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_n-Outbrain&dcc=t
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgjyK8sXY-emA5d46KD430&google_cver=1
Request Chain 187
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvNQG2SNzLmPXUfux7me6QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKG8f6lx1n11UWP6UqMCDB0&google_cver=1
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFhiVKP1z8V9owP-Byd_Mws&google_cver=1
Request Chain 189
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjA5NjUxMzUzODQyMDY5
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAT102Vmx5qErHIY8USfUnk&google_cver=1
Request Chain 284
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvNQG2SNzLmPXUfux7me6QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAMQxBjDHsCdTM3uDCBrjHQ&google_cver=1
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEtp-tZTmCs4PSrruPkZ588&google_cver=1
Request Chain 286
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjA5NjUxMzUzODQyMDY5
Request Chain 292
  • https://fw.adsafeprotected.com/rfw/st/886862/62195782/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_G1DzYvb1KMeV3gPhj52ABQ&cbFunctionName=goog_wrapCb_G1DzYvb1KMeV3gPhj52ABQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.farfeshplus.online%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1231661633440980%26output%3Dhtml%26h%3D600%26slotname%3D8400035594%26adk%3D833794805%26adf%3D3132389021%26pi%3Dt.ma~as.8400035594%26w%3D160%26lmt%3D1660112923%26psa%3D0%26format%3D160x600%26url%3Dhttps%253A%252F%252Fwww.farfeshplus.online%252FFP58.asp%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1660112922945%26bpp%3D1%26bdt%3D608%26idt%3D362%26shv%3Dr20220808%26mjsv%3Dm202208040101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C120x600%252C120x600%252C336x280%26nras%3D1%26correlator%3D2329524702554%26frm%3D20%26pv%3D1%26ga_vid%3D863081066.1660112923%26ga_sid%3D1660112923%26ga_hid%3D494893594%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44763505%252C31067528%252C31068606%252C31061690%252C31068520%252C31062930%26oid%3D2%26pvsid%3D3278476289912146%26tmod%3D1693731328%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257Co%257CenEr%257C%26abl%3DNS%26pfx%3D0%26fu%3D32768%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3DmE4KS0So69%26p%3Dhttps%253A%2F%2Fwww.farfeshplus.online%26dtd%3D366&adsafe_type=d&adsafe_jsinfo=,id:11b4b122-8bbf-1083-a49e-fb935a4ae0d4,c:kRO1o8,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-8674f54cf9-g5r6x,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:te5qE9S+11%7C12%7C131%7C14%7C15%7C161%7C162%7C163%7C17*.886862-62195782%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i1%7C1j11%7C1k1%7C1l%7C1m,idMap:17*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:25,oid:aeaa2611-1875-11ed-864b-8e7031fc33ed,v:19.8.341,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 396
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEPVUOOG8pdv20jATPz7cN-w&google_cver=1&google_push=AehlK4BaCmyzYA80_Z0vajnse2Hq9xU-xZJ3qTGiSVJw6TmBr8HGdvbgKhWmqfI9YNIMZSxlYxfv72Una_Nbd7G5sentjCXsWz0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BaCmyzYA80_Z0vajnse2Hq9xU-xZJ3qTGiSVJw6TmBr8HGdvbgKhWmqfI9YNIMZSxlYxfv72Una_Nbd7G5sentjCXsWz0&google_hm=Q0FFU0VQVlVPT0c4cGR2MjBqQVRQejdjTi13
Request Chain 399
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIm7g_5fjSM5Y_kt-9aBI58&google_cver=1&google_push=AehlK4Dr3l5yS21D7iO4K9xqDn-i2vqoo1SynTCsljDBvzegHO5eQnj8cAQ5P4IQs6Ofcfm_pbdXbvTKO1sT977vzExwaTBtLzE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOOERFVVMtUy1GRTVP&google_push=AehlK4Dr3l5yS21D7iO4K9xqDn-i2vqoo1SynTCsljDBvzegHO5eQnj8cAQ5P4IQs6Ofcfm_pbdXbvTKO1sT977vzExwaTBtLzE
Request Chain 400
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIrFWEFZvCbPUcmk-woFNLs&google_cver=1&google_push=AehlK4A6LPGwxzvufO8lgqUo4px7euGEYVv3aKNTwbU6V1NN37Shej9UDGTsKJVUaxSjWtnwC9qWjoE8t9_IMszpbRuqmMtbLA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIrFWEFZvCbPUcmk-woFNLs&google_hm=YvNQG2SNzLmPXUfux7me6QAABGoAAAIB&google_nid=index&google_push=AehlK4A6LPGwxzvufO8lgqUo4px7euGEYVv3aKNTwbU6V1NN37Shej9UDGTsKJVUaxSjWtnwC9qWjoE8t9_IMszpbRuqmMtbLA
Request Chain 420
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 430
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 436
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 450
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 469
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 472
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 482
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 503
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 554
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAMQxBjDHsCdTM3uDCBrjHQ&google_cver=1
Request Chain 555
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvNQG2SNzLmPXUfux7me6QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAMQxBjDHsCdTM3uDCBrjHQ&google_cver=1
Request Chain 556
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEtp-tZTmCs4PSrruPkZ588&google_cver=1
Request Chain 557
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjA5NjUxMzUzODQyMDY5
Request Chain 567
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJaRubJqtEpd0XPgJ8RaR5g&google_cver=1&google_push=AehlK4CpGQRyFlKYhQ1tq7lF_TQRiTnNaWNKH7ulRl9fANATdEFsZmPurLGAVkQOxO-uN1tFs2Xsp3Eyscx1czmQmu4gK2ANkALAIw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CpGQRyFlKYhQ1tq7lF_TQRiTnNaWNKH7ulRl9fANATdEFsZmPurLGAVkQOxO-uN1tFs2Xsp3Eyscx1czmQmu4gK2ANkALAIw
Request Chain 568
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFlM9eUiOJ739FLoY-vuKMI&google_cver=1&google_push=AehlK4ASKMDDlbRWVOd4lBbUi6zmt8YhYHwI4LUJALTSpSsQpcQ239TMgk2-adXT3-We5-pFSfPWeW4aQbvsjRFZCbnUkq9IlgIJIQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4ASKMDDlbRWVOd4lBbUi6zmt8YhYHwI4LUJALTSpSsQpcQ239TMgk2-adXT3-We5-pFSfPWeW4aQbvsjRFZCbnUkq9IlgIJIQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFlM9eUiOJ739FLoY-vuKMI&google_cver=1&google_push=AehlK4ASKMDDlbRWVOd4lBbUi6zmt8YhYHwI4LUJALTSpSsQpcQ239TMgk2-adXT3-We5-pFSfPWeW4aQbvsjRFZCbnUkq9IlgIJIQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4ASKMDDlbRWVOd4lBbUi6zmt8YhYHwI4LUJALTSpSsQpcQ239TMgk2-adXT3-We5-pFSfPWeW4aQbvsjRFZCbnUkq9IlgIJIQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 570
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKXZgXbLbQ31HCWdYk5p2Ak&google_cver=1&google_push=AehlK4DtpLRjxBVJd3WH8MO7R9npRy1vCsSd3a0RcbCPpOyFqNVNsGoje2orIfL4M7CU4p-Vr-TOECkZeH3fmBoyiYFPuKKw10uBVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DtpLRjxBVJd3WH8MO7R9npRy1vCsSd3a0RcbCPpOyFqNVNsGoje2orIfL4M7CU4p-Vr-TOECkZeH3fmBoyiYFPuKKw10uBVg&google_hm=NjYwMDg1NjgxNDY2NTIxNDExMg%3D%3D

577 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request FP58.asp
www.farfeshplus.online/
Redirect Chain
  • http://www2.farfesh.com/
  • https://www2.farfesh.com/
  • https://www.farfeshplus.online/
  • https://www.farfeshplus.online/FP58.asp
196 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
e438f4dcbb7fcc347d198d1a906626132c8174dbc20dbaf639f64d0c8b322ed5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
37798
Content-Type
text/html
Date
Wed, 10 Aug 2022 06:28:42 GMT
Vary
Accept-Encoding
X-Cache
HIT
X-Cacheable
YES
age
0
cache-control
max-age=300

Redirect headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
200763
Content-Type
text/html
Date
Wed, 10 Aug 2022 06:28:41 GMT
Location
https://www.farfeshplus.online/FP58.asp
X-Cache
HIT
X-Cacheable
YES
age
0
cache-control
max-age=300
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0188fae44246f05fc19d2e525f22ee168e4899c8c2976c0689edbfd5713d67b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57401
x-xss-protection
0
server
cafe
etag
13427384409913994466
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 06:28:42 GMT
up.js
live.demand.supply/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd28103c624fd7b94b2d3b657edb8900426f0784e47296ad07f8bb88b8d7e80c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G9JHH67X6B1WCGNW8GE9XC6V
date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
br
cf-cache-status
HIT
age
896
cf-polished
origSize=9326
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"3701fc81423322f545eaef7fc1d21859-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
7386ac44e9939be8-FRA
link
<https://live.demand.supply/impl.v15.1.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/d3d3LmZhcmZlc2hwbHVzLm9ubGluZS8=>; rel=preload; as=script
farfeshheadtag.js
jscdn.greeter.me/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/farfeshheadtag.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d6d673775b5bd99d9bafb2e5b1b878718c7e3ca7378f4bd981ee094e3421981c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Connection
Keep-Alive
Last-Modified
Tue, 12 Apr 2022 18:28:12 GMT
x-amz-request-id
tx000000000000003fcfa8a-0062f34473-5c96400f-fra1b
etag
"853708505eae3ce75bc5cc50bee16c69"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1660112922.dop129.fr8.t,1660112923.cds212.fr8.shn,1660112923.dop129.fr8.t,1660112923.cds279.fr8.c
Content-Type
text/javascript
Cache-Control
max-age=616
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
7755
farfeshdyn.js
jscdn.greeter.me/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/farfeshdyn.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2dfc5a3a0c0e566dcef297390bc9719e95a3387c72d98520a736dc0fdf6b18a8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Connection
Keep-Alive
Last-Modified
Thu, 31 Mar 2022 09:12:36 GMT
x-amz-request-id
tx000000000000003ec0743-0062f34431-5c8c654c-fra1b
etag
"1a312d0775fcd4936810bc9fd648e803"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1660112922.dop129.fr8.t,1660112923.cds212.fr8.shn,1660112923.dop129.fr8.t,1660112923.cds286.fr8.c
Content-Type
text/javascript
Cache-Control
max-age=550
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
7882
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
d2054477037f12656430de0119ca2bdd04296d7cec623fd8f58c6d746637d15c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28587
x-xss-protection
0
server
sffe
etag
"1299 / 961 of 1000 / last-modified: 1660082848"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 10 Aug 2022 06:28:42 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 15:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19926
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 15:14:04 GMT
jquery.timers.js
www.farfeshplus.online/s.farfesh/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/js/jquery.timers.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
d93f4f764048996df486e96b2c68f15f4f3b1c110eaff398b681c15b43aa9772

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 12:21:24 GMT
age
0
ETag
"4eecc5f6783bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1311
jquery.autoScroller.js
www.farfeshplus.online/s.farfesh/js/ 		1 KB
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/js/jquery.autoScroller.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
3a4fc14180ae118f278fef24fed0c73cb65bb14049d68f0f43b7041090965aa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 12:21:20 GMT
age
0
ETag
"aa3575f4783bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
655
NavigMenu.js
www.farfeshplus.online/general.files/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/general.files/js/NavigMenu.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
cce45bed757c6288dd85428e91a2bb91927ce0f1a6cec010ac9f5db184670a7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Oct 2017 19:18:36 GMT
age
0
ETag
"628f991fc41d31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2668
slick.js
www.farfeshplus.online/s.farfesh/js/ 		80 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/js/slick.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
aac9552f07e57bcbfa55fd1ecf3a698bfaf85fcba44fd1abeaf75e2ec9bc0caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 07:05:02 GMT
age
0
ETag
"55b6a2c44c3bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20028
jquery.min.js
www.farfeshplus.online/s.farfesh/js/ 		94 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/js/jquery.min.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 07:05:02 GMT
age
0
ETag
"4a7f43c44c3bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42874
bootstrap.min.js
www.farfeshplus.online/s.farfesh/js/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/js/bootstrap.min.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 07:05:01 GMT
age
0
ETag
"a0a9e6c34c3bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12955
CssClear1.css
www.farfeshplus.online/s.farfesh/Css/ 		74 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
a0bec107dc5e1169feb956927f5aa851ce5aa0231f38c0c99ac23cfe7c37a770

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Content-Encoding
gzip
Last-Modified
Sat, 08 Aug 2020 19:16:35 GMT
age
0
ETag
"4498996eb86dd61:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15905
fonts.css
www.farfeshplus.online/fontsNew/ 		1 KB
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/fontsNew/fonts.css
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
90acdec7799a0f5d492c728dace212a1a401dbcc19aa8ac89fb9af5e3fdb094c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 07:12:17 GMT
age
0
ETag
"2672a6c74d3bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438
font-awesome.css
www.farfeshplus.online/fontsNew/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/fontsNew/font-awesome.css
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
813e08a0b6c28a3370c1b31ff8ca993a9655288f107b63425a898fe59fe4b806

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 07:25:01 GMT
age
0
ETag
"b9f94b8f4f3bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7581
js
www.googletagmanager.com/gtag/ 		109 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-192956646-1
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f67689da2d50f5d3fa9084183b2c1b4f0bf0493f0abb152266c1d6f5ac3b311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42905
x-xss-protection
0
expires
Wed, 10 Aug 2022 06:28:42 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DNX5KLEBSB
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b51cacc2f0f3ba8024bf5e2b1f4a09d73c0ba3763ba1e5ad5f574feaedcba99c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72403
x-xss-protection
0
expires
Wed, 10 Aug 2022 06:28:42 GMT
jquery-latest.js
code.jquery.com/ 		276 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-latest.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-4508e"
vary
Accept-Encoding
x-hw
1660112922.dop015.fr8.t,1660112922.cds274.fr8.hn,1660112922.cds214.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
83875
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d5496e35e009243a30cfa48df116a9a917035e94551898c956b3f88bc55145c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28590
x-xss-protection
0
server
sffe
etag
"1299 / 820 of 1000 / last-modified: 1660082895"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 10 Aug 2022 06:28:42 GMT
recangelorange.png
www.farfeshplus.online/images/ 		1002 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/recangelorange.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
66bdbc6f334ad5094c875459d3a9b88c52f2f065759d45f0d5c8d0262d327ddf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Last-Modified
Wed, 04 Oct 2017 17:12:10 GMT
age
0
ETag
"65ef4eea333dd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1002
spacer.gif
www.farfeshplus.online/images/ 		47 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/spacer.gif
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
414065eb8bccfeced9386a863dba180b1ab3153b18395b3bd4e855e0ee860f4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Last-Modified
Wed, 31 Mar 2021 10:07:53 GMT
age
0
ETag
"affecbb61526d71:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/gif
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47
b246243.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246243.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
ce68615abfb9e61c10226b2e98651f95b0343080b0678769a3bba5f89b6ef129

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Last-Modified
Wed, 10 Aug 2022 06:15:07 GMT
age
0
ETag
"b073148a80acd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26686
backgroundF373x212.png
www.farfeshplus.online/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/backgroundF373x212.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
13b3d907e5f12196acef4a97be670c4c1f23b8167d03e85d25a8493f0311ee5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Last-Modified
Sat, 25 Nov 2017 14:24:14 GMT
age
0
ETag
"2e262312f965d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8232
b246238.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246238.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
d02d8d87d19ae8912e7a070c65894d492d6fc2f03ed9798bc270b2d7121dc98b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 14:22:53 GMT
age
0
ETag
"bddf8983fbabd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34548
ramadan2022-bg-blue.gif
www.farfeshplus.online/images/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/ramadan2022-bg-blue.gif
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
12d05b6d5e2b49c3f3fb2ded627a0e120256bfda04a08a83fd03d8db0dc1d3b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sat, 02 Apr 2022 13:50:12 GMT
age
0
ETag
"d3b235939846d81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/gif
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61270
ramadan2021.gif
www.farfeshplus.online/images/ 		183 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/ramadan2021.gif
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
2c4f0bcb699b110d5cb89f843d624dda1bc7a5af9e41d26d1b67259f152f7a17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sat, 02 Apr 2022 10:57:07 GMT
age
0
ETag
"27bf1648046d81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/gif
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
187539
twittericon.png
www.farfeshplus.online/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/twittericon.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
9edd827965a6e1332c3aac5d7d0cc16269f4536a33817f25cb92703f5953c836

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 02 Oct 2017 06:57:13 GMT
age
0
ETag
"675912ad4b3bd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1362
246240.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246240.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
918659b2fe0c1db380be965d9297531fe01f9e1620e5bd82c789536a201219b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 14:50:03 GMT
age
0
ETag
"ceadef4effabd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21143
246239.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246239.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
7b99dd3a4c094f53e0fd89b146adb9458d64c1d6ac5b2e51774e3c1f276cf8b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 14:40:20 GMT
age
0
ETag
"24fb1cf3fdabd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26635
246241.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246241.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
c5d034d8d1ead860a1b8325f818c9afa94e376ef1d6775d3ebe9d16c58a1e64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 15:05:02 GMT
age
0
ETag
"936479661acd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35196
246242.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246242.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
e3cdd746cc2c3f3cd99335244d3a96d46c469483365b90cae8dae19f42860f62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 19:55:27 GMT
age
0
ETag
"bd31b6f829acd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19026
b246237.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246237.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
c3f6c8e9ca5e662dbdc7a3762d717aba29803eee3b4f039cbc2f16135522f446

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 14:04:46 GMT
age
0
ETag
"1c112ffbf8abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72111
b246236.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246236.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
9bd70ccdba8dde45e48b28bf7460bf01e0f21b048f94a33c041648849ed02f08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 13:50:44 GMT
age
0
ETag
"35ca445f7abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42485
b246233.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246233.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
78900e4e9068c8e5b0db08b4203f29204fe0683f35596971f73596f3608f0948

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 12:54:14 GMT
age
0
ETag
"617bb820efabd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34523
b246235.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246235.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
8452942ed5f585058adfc48e2cd76dfd930521fbc9bbc88382330fcf30b79a86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 13:39:32 GMT
age
0
ETag
"205aeb74f5abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31742
rightarrow15.png
www.farfeshplus.online/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/rightarrow15.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
dc9b9b710d984c7d3a1e6dfa70e03d31ce299040beb02b0ad6608d2eac9eda01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 02 Oct 2017 06:56:46 GMT
age
0
ETag
"85e3b49c4b3bd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1244
1896.jpg
www.farfeshplus.online/ramadanimages/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/ramadanimages/1896.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
089dbe7c23474898fb6283daf81b3cd24809f97f615002ad72eac711db540589

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 04 Jul 2022 08:51:36 GMT
age
0
ETag
"42c9e744838fd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15596
1898.jpg
www.farfeshplus.online/ramadanimages/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/ramadanimages/1898.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
f8380389699f8698cd62ded2caf2294354ce25f76d6f468c643eec84a218bcdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Thu, 21 Jul 2022 08:59:54 GMT
age
0
ETag
"22a3dd3ee09cd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14192
1899.jpg
www.farfeshplus.online/ramadanimages/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/ramadanimages/1899.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
2f83c059fe628d108ce6accf80400acd0acfc8201776fc0204edad70ca2cbfc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Thu, 21 Jul 2022 08:59:54 GMT
age
0
ETag
"824e03ee09cd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19754
leftarrow15.png
www.farfeshplus.online/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/leftarrow15.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
984bf139d47c34ecb84a5ab9e3c9dacca8e4aa0217a73a2a5e4dece072eeebf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 02 Oct 2017 06:56:24 GMT
age
0
ETag
"4bbbe48f4b3bd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1265
Eid-Almilad.jpg
images.farfeshplus.online/singers_images/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/singers_images/Eid-Almilad.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.174 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
cda44b86ab1d4b251e41df6c6f3d1e3efa3a73e630c6c79ebcaabe6e65147e95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sat, 21 Sep 2013 22:30:34 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33900
Expires
Wed, 17 Aug 2022 06:28:43 GMT
easter_s.jpg
images.farfeshplus.online/singers_images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/singers_images/easter_s.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.174 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
bb820666b483dac59f85def4ea49edac67954b4359b1183a5e6bd6ee031fa048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sat, 15 Mar 2008 23:31:10 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6514
Expires
Wed, 17 Aug 2022 06:28:43 GMT
couple-valentines-day_s.jpg
images.farfeshplus.online/singers_images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/singers_images/couple-valentines-day_s.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.174 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
effad215e1d5940720e49f2653f1e7201330f9877b65293ae14fee6a90efe91b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Thu, 11 Feb 2010 17:11:55 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5822
Expires
Wed, 17 Aug 2022 06:28:43 GMT
Haflat-Takharroj.jpg
images.farfeshplus.online/singers_images/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/singers_images/Haflat-Takharroj.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.174 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
27925065d33095653c2bc9040eb529f106f0eb6236263a15915ee3c75c33fb11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Fri, 20 Feb 2015 17:56:32 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31311
Expires
Wed, 17 Aug 2022 06:28:43 GMT
Aayad-Milad.jpg
images.farfeshplus.online/singers_images/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/singers_images/Aayad-Milad.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.174 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
b2aacc8fcb4e2a4803c92e5697bff78f91193ff22c2072850b5ffc786cc4b6fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sat, 21 Sep 2013 22:26:48 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34867
Expires
Wed, 17 Aug 2022 06:28:43 GMT
mother-day_s.jpg
images.farfeshplus.online/singers_images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/singers_images/mother-day_s.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.174 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
6c4a0e0f904f05949387a622da12999ca9451e4fe248bc3cc33d611466f94981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sat, 15 Mar 2008 23:30:15 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5485
Expires
Wed, 17 Aug 2022 06:28:43 GMT
b246234.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246234.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
0c67367731c6a34bfa860580cd4a5902d54d99b14a7f733ca1be13a6fe6d7678

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 13:30:41 GMT
age
0
ETag
"72236c38f4abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25866
b246232.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246232.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
50446c71ceb50da05427a213e11a2b9c2b3dac57ed1fe4af8ebb282470672eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 12:36:27 GMT
age
0
ETag
"d49a0a5ecabd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39082
b246231.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246231.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
78d8c97602e3385a9d31943cc4719afdb191a15be3965143960a31d5408b0fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 04:48:17 GMT
age
0
ETag
"aca3c43dababd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38333
b246230.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246230.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
e713ee7c367c67d7f5da882d7be771a5aac5f43375ff7666cc1027c5c37b5b43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 04:43:48 GMT
age
0
ETag
"fdd0a19daaabd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12482
b246229.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246229.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
21e4b5e7b98be139b22face383c7edd99a4eb95892f12c85aca5ffa6a2c10914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 04:40:05 GMT
age
0
ETag
"8dc99918aaabd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47118
b246228.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246228.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
043fcf99da99ebba01042cf4afc8afc9abc84a510b52198cc85051dc7d1b5fd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Tue, 09 Aug 2022 04:24:02 GMT
age
0
ETag
"ff8bbedaa7abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43383
b246222.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246222.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
29d19526c9a4e5ee721439c93c96cec5c9ce4c4a3e033bb333545b3cd5d5b6b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 09:42:16 GMT
age
0
ETag
"8df4f424babd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52881
b246227.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b246227.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
e5f043797ad4660c40f7f38977eee90c13668d234052e89b9e170a7e5d72ae06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 17:06:17 GMT
age
0
ETag
"be78972c49abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37130
borjakfarfesh.jpg
www.farfeshplus.online/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/borjakfarfesh.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
6a5154bc76054450e38b7c60d0137cb161b53b726bb696b0fbd356a63b26db8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Fri, 13 Sep 2019 08:41:03 GMT
age
0
ETag
"f8b256fae6ad51:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3798
hapendtoday.jpg
www.farfeshplus.online/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/hapendtoday.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
7a9bd5e35a62f5749877795ff4430de2f4543e3a9bf60fc4368b1e34569226e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 02 Sep 2019 18:28:32 GMT
age
0
ETag
"72527439bc61d51:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5294
E-178199-20151120115957-1.jpg
images.farfeshplus.online/stories_images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/stories_images/E-178199-20151120115957-1.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.174 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
552d2a8d8ca36821f304f196d543ef85641b22d556f549bad91deca4ffdebef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Fri, 20 Nov 2015 09:59:56 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11384
Expires
Wed, 17 Aug 2022 06:28:43 GMT
news.png
www.farfeshplus.online/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/news.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
5c0454751b67d2cb1181486a5987ba0d3aecda39cca53bf51d23705fdb20c6bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sat, 25 Nov 2017 18:19:16 GMT
age
0
ETag
"51c261e71966d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3319
246223.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246223.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
c2d452411bb9fcaf2f7743758b5856eb2429dc8eb79c37f38b223209ffb09161

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 10:02:23 GMT
age
0
ETag
"9d1c68f4dabd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25808
246224.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246224.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
ddd426287e38fba1384b717adf07989a4a582fe010239da0843c7f26012adf7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 10:17:14 GMT
age
0
ETag
"ec80ed710abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46712
246215.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246215.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
4a1b1fe664f7b5245ee4004d44849642d47642c155f68a269d0d6006e62d09ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 07:39:46 GMT
age
0
ETag
"328f328faaad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23505
entertainment.png
www.farfeshplus.online/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/entertainment.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
e4e51ad380478c9873d5ea61348986d0874c2cbe4406fd46b43b0f107f5150b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sat, 25 Nov 2017 18:19:16 GMT
age
0
ETag
"6fdb55e71966d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3387
246226.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246226.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
c6e08e707b748fd83c9b8f493db89f1cb0231390aa02a294f1469cae38545ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 16:42:57 GMT
age
0
ETag
"73e036ea45abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17284
246221.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246221.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
acc86dcc8af614253a9292ae8940037da0a79d32b259f8415c603aa1024ed4c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 09:31:51 GMT
age
0
ETag
"1732cfb09abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22482
246220.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246220.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
cc788b49be81ed82d93fb1a05b588c1e537ac514a395503af9c2fc1b18a01cc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 09:10:24 GMT
age
0
ETag
"4e52d8b16abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25400
world.png
www.farfeshplus.online/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/world.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
6cb13cab2b0f024fef0f4604fc58761383645dce17a443b16a37b151f8eb9b95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sat, 25 Nov 2017 18:19:16 GMT
age
0
ETag
"309e5ae71966d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3791
246217.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246217.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
8bae478809f16d42ab1fa485486f0b06879c9df3fc47d5b7e6c7703f48689a5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 07:56:15 GMT
age
0
ETag
"b1eda55fcaad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26342
246218.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246218.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
1502d2e19beb65aed367e78a8ee5d7ee14c82e693636988fc7780ca741793a75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 08:10:00 GMT
age
0
ETag
"e6c6a241feaad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38743
246212.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246212.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
4d6af4a8993801d072d43f6918d244dad865c87b9c661b72bbe09c9bb0078a08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 07:02:45 GMT
age
0
ETag
"91d6edcf4aad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27951
health.png
www.farfeshplus.online/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/health.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
f5b92ca86bc0cbf1aed51d9dc96f80eaa2eccfec08083c8f316ae643f0c13a95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sat, 25 Nov 2017 18:19:16 GMT
age
0
ETag
"f0605fe71966d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3495
246225.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246225.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
d799661141d7e532bfca5a2eeb7eeeac0b56a24d424fe2bab1ea77b3cfd50e19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 16:25:00 GMT
age
0
ETag
"4245d46743abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38898
246211.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246211.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
2c147841f7b87a116369a6cd00eaf59f3c47f7bf0168572c8b2e02b4539fe69b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 06:39:10 GMT
age
0
ETag
"a2b83591f1aad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29354
246198.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246198.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
2ac9db087c0f213e861b7b5a9edcd8ab73ba19f2ee899c18b7e9217dff3ecad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sun, 07 Aug 2022 09:25:19 GMT
age
0
ETag
"5b18749c3faad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37820
women.png
www.farfeshplus.online/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/women.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
d9f5159bdce22970954434465e61b0bbcaaef31dd427d8d6baf1233b5575b5ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sat, 25 Nov 2017 18:19:16 GMT
age
0
ETag
"118566e71966d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4213
246219.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246219.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
555af24634857aaa6269bc23322154d1ab50855303f11641fed885a54e04c5a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 08 Aug 2022 08:45:29 GMT
age
0
ETag
"7aeab5363abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19310
246205.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246205.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
fd532191facfaedc55c4cb5fdce483a1c214c9401bd6e9adc7b366c33cb5e6b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sun, 07 Aug 2022 10:50:56 GMT
age
0
ETag
"319371924baad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24573
246204.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/246204.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
58360c965ec385066ff2942e4f318757849c4fd3fe2277ceb2359f8246c04fcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sun, 07 Aug 2022 10:39:04 GMT
age
0
ETag
"d2a3e1e949aad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24852
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e86d031bc1966161d41bc3984c648a614cbdce8fc421528c762ec5e25fc4eb3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122756
x-xss-protection
0
server
cafe
etag
12914141924937663093
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 06:28:42 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/ Frame 9D2A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
28711
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 22:30:11 GMT
etag
8616628553774171045
expires
Tue, 23 Aug 2022 22:30:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
impl.v15.1.0.js
live.demand.supply/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v15.1.0.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2161790304578add0b3f6b09c8c0f9fde6ac3343d69570696e67c67dad0587c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G9JGC4SF2CTRKXGFMFC505EP
date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
br
cf-cache-status
HIT
age
560641
cf-polished
origSize=79748
cf-ray
7386ac456a5d9be8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"65772cc2934985b44975eb066669ea16-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
d3d3LmZhcmZlc2hwbHVzLm9ubGluZS8=
live.demand.supply/p4/v14-3-0/ 		964 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v14-3-0/d3d3LmZhcmZlc2hwbHVzLm9ubGluZS8=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
555eb4c0aefacdb9eaac9c59debe2fee03db5d4ffe0bf195e16a9400311d2064

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7386ac456a5f9be8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=105&cs=c&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G7ZPWH81GAPF7W0DSP0JFQJ5
date
Wed, 10 Aug 2022 06:28:42 GMT
cf-cache-status
HIT
age
2263042
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7386ac458ec2bb8f-FRA
d3d3LmZhcmZlc2hwbHVzLm9ubGluZS9GUDU4LmFzcA==
live.demand.supply/p4/v14-3-0/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v14-3-0/d3d3LmZhcmZlc2hwbHVzLm9ubGluZS9GUDU4LmFzcA==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2e90c9c8fbbbfa403cbf4494e864806a46c55a644fa5cd2030e83ed7d91a1f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7386ac4858d89bca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ds.2.html
live.demand.supply/ 		413 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G5VK5R36XVJ1F5B17BD67DMT
date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
1550441
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7386ac458ebfbb8f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		159 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 10 Aug 2022 06:15:03 GMT
content-encoding
gzip
last-modified
Mon, 08 Aug 2022 18:50:55 GMT
server
AmazonS3
age
821
etag
W/"52a6bc60961c702869c58b9d159c8e37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P3
x-amz-cf-id
qOMAL-N1aACNSbMTWjT7GMK7xqTW581GEJIj6A_gSJFUJEv4JsKhbg==
uamp.1.json
live.demand.supply/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G9ZH7VVB22WGMP7K2Z671FKN
date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
121559
etag
W/"1fc8f68f3ba466af63e5051421ce91a0-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7386ac458ec5bb8f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
www.farfeshplus.online/s.farfesh/Css/ 		118 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/Css/bootstrap.min.css
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 12:06:51 GMT
age
0
ETag
"af7da4ee763bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27695
atrk.js
certify-js.alexametrics.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 28 May 2022 01:59:52 GMT
Via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
6409732
ETag
"d89453438fbf10dcf4c13265c40d5160"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=26920000
X-Amz-Cf-Pop
FRA56-P7
Accept-Ranges
bytes
Content-Length
4255
X-Amz-Cf-Id
yi0DLGVEMev73BQ1YzEVosJeJnwtAEfUzH3hZi5wpXk_EO99AAVLvw==
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e505a99569c6963a08a5354523be51ee2aaa4049fa60b94696decdc741bffd8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
v+K6MkBMwCzbVpSvGdQKyA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
aNHQ6wZNdLEC9ldiS+zCSuUilrc2Rut3jyJpyBGiCnDSDvKUbVpCb3yXRY2b+pIUNuZoITX+QwhUa8MYwq1gxA==
x-fb-trip-id
686109401
x-fb-content-md5
45d90a4ecbb34c856c92682156238336
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 10 Aug 2022 06:28:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d0f8e8e14c77ca7b492eb1c0c64412e1"
timing-allow-origin
*
expires
Wed, 10 Aug 2022 06:47:51 GMT
farfeshplusmasterBR.jpg
www.farfeshplus.online/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/farfeshplusmasterBR.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
ac7b85c89057a31981b2af0d754be1b67ab4af30d0d0b99e3088ea38562e2f38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Last-Modified
Thu, 05 Oct 2017 06:29:33 GMT
age
0
ETag
"ca42b54ea33dd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3887
farfeshplasmasterlogo215x54.new.jpg
www.farfeshplus.online/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/farfeshplasmasterlogo215x54.new.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
8a4ff76232f9c5b9a8829282a44f96a88ad7c45f64ac597228805b1e8e6074ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:42 GMT
Last-Modified
Sat, 25 Nov 2017 14:02:31 GMT
age
0
ETag
"a910839f665d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8143
search1.jpg
www.farfeshplus.online/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/search1.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
fa40f4a8ee08b163e5c78cd66b81799e23cb9a95ee661c1218a11fc6f3d02431

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Sat, 14 Oct 2017 15:06:45 GMT
age
0
ETag
"c9f9f7cfe44d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1641
orang_back2.jpg
www.farfeshplus.online/images/ 		403 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/orang_back2.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
e1ef7800360b198e12835c27f1b5c5f7c331f6110c9488266b9d3a138943f37b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/FP58.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 02 Oct 2017 06:56:39 GMT
age
0
ETag
"89f580984b3bd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
403
thesansarabic-plain-webfont.woff2
www.farfeshplus.online/fontsNew/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/fontsNew/thesansarabic-plain-webfont.woff2
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/fontsNew/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash

Request headers

Referer
https://www.farfeshplus.online/fontsNew/fonts.css
Origin
https://www.farfeshplus.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
X-Cacheable
YES
age
0
X-Cache
HIT
Content-Type
text/html; charset=utf-8
cache-control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7355
pubads_impl_2022080401.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 11:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67424
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132985
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 08:38:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 09 Aug 2023 11:44:59 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		395 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.farfeshplus.online
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
fa8106520faa0e9ec978fd5012eb4afd22c8a1775d1d09c89cf657fe7b06f93a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
176
x-xss-protection
0
expires
Wed, 10 Aug 2022 06:28:43 GMT
sdb.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G5X9MEJA2ND5BDKK5JMD0E7S
date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
1463579
etag
W/"16d586d96127e73f8750e4b067951d11-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7386ac49099a9bca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
farfeshplus.online_728x90_sticky_display_bottom_new-sticky-right
live.demand.supply/cp/ 		29 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/farfeshplus.online_728x90_sticky_display_bottom_new-sticky-right?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e870bda64b6bce6549dcc64c48b63654c64fb42a7bb34f5f4d28d48fc054f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7386ac490abdbb8f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29
farfeshplus.online_728x90_sticky_display_bottom_stiky-bottom
live.demand.supply/cp/ 		30 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/farfeshplus.online_728x90_sticky_display_bottom_stiky-bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd84c9312be3bdd53a62ee8a1a7ca5f90e2131a139905b9d2d13adce0e318d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7386ac490abebb8f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
farfeshplus.online_fluid_lb_farfesh728x90
live.demand.supply/cp/ 		31 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/farfeshplus.online_fluid_lb_farfesh728x90?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242cdaebdfa17e49c6135d974abe58b3dfdd98ed8aa2bca64d9838b44f6a30e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7386ac490abfbb8f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31
js
www.googletagmanager.com/gtag/ 		200 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9NTBGJYJES&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192956646-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ce7b54170967680a14d6c53762436f8e19c6174e8c90e082420f653dce35fe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73066
x-xss-protection
0
expires
Wed, 10 Aug 2022 06:28:43 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192956646-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5203
date
Wed, 10 Aug 2022 05:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 10 Aug 2022 07:02:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		222 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.farfeshplus.online&callback=_gfp_s_&client=ca-pub-1231661633440980
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b87b087902a91c8227ad1a391d43219abb4725af454d2856c2541b10b81cdfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&tn=DIV&cls=demand-supply__sd%20demand-supply__sd--bottom&ign=false&pw=1600&ph=1200&x=800&y=1130.4
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2993 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&adk=1812271804&adf=3025194257&lmt=1660112923&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922918&bpp=11&bdt=581&idt=175&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=190
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef9577bde6f616a309fd2f8525f866bc82ee040eefbea1d009770b5fe1f0a51a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
5221
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DNX5KLEBSB&gtm=2oe880&_p=494893594&cid=863081066.1660112923&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660112923&sct=1&seg=0&dl=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&dt=Farfesh.com%20%7C%20%D9%85%D9%88%D9%82%D8%B9%20%D9%81%D8%B1%D9%81%D8%B4&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DNX5KLEBSB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
thesansarabic-plain-webfont.woff
www.farfeshplus.online/fontsNew/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/fontsNew/thesansarabic-plain-webfont.woff
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/fontsNew/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash

Request headers

Referer
https://www.farfeshplus.online/fontsNew/fonts.css
Origin
https://www.farfeshplus.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
X-Cacheable
YES
age
0
X-Cache
HIT
Content-Type
text/html; charset=utf-8
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7353
ads
googleads.g.doubleclick.net/pagead/ Frame 2ED7 		79 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922943&bpp=1&bdt=606&idt=213&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=25RoGZ341m&p=https%3A//www.farfeshplus.online&dtd=219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbc11a4cca0873bc5eb909d2377e4c16aae92b7874dba89f746302b7ba301529
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
29705
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
config
c.amazon-adsystem.com/cdn/prod/ 		386 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.farfeshplus.online&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 04:38:24 GMT
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
server
Server
age
6619
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
content-length
386
x-amz-cf-id
K5Gvk8a7cbwIG8axD1bixpayrk4WV5vee9cC02RG8NXR3xxxfrugPA==
bid
c.amazon-adsystem.com/e/dtb/ 		165 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&pid=thXqxflBiTDDr&cb=0&ws=1600x1200&v=22.8.42053&t=2000&slots=%5B%7B%22sd%22%3A%22farfeshplus.online_728x90_sticky_display_bottom_new-sticky-right%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
9ed73b0c68e22a13cea6aa55c7613dc4b93d75214e1f61b1b633fb9d97db0680
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
YT3XYXN157KFJQCYNS3P
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
165
x-amz-cf-id
WaXy_jRmRFujGtS5AK5sSCVw1Qy8bQwp3ij0OQPOMkjRUGsu5V887Q==
bid
c.amazon-adsystem.com/e/dtb/ 		165 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&pid=thXqxflBiTDDr&cb=1&ws=1600x1200&v=22.8.42053&t=2000&slots=%5B%7B%22sd%22%3A%22farfeshplus.online_728x90_sticky_display_bottom_stiky-bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
4cda659884d023300f2ea181771a02c3aabe478c3e803be26ce68be70856b9a9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
JGVGYRZWTDJ7ZYX0SVP9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
165
x-amz-cf-id
7JzFl4VyfnzEX1Al0RJbzDsJ5Li9gHyMIbpjCKiqO0LdqeUXabv3wg==
bid
c.amazon-adsystem.com/e/dtb/ 		165 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&pid=thXqxflBiTDDr&cb=2&ws=1600x1200&v=22.8.42053&t=2000&slots=%5B%7B%22sd%22%3A%22farfeshplus.online_auto_728x90_sticky_display_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
a699e069b935c660a54c50f3b59c70f5e602fb93d3877d4b93583c2799464060
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
FTQTX35XC3280DH4GSZQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
165
x-amz-cf-id
ucLAilmyTAy84aObF-6cvtSTP8kbsi1Wk8WXqvIcd6Dj1l5gg08TDw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
JXufo2ctue2uysHllG2MRpKE8F0E4.a0
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
29254
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 22:19:11 GMT
server
AmazonS3
date
Tue, 09 Aug 2022 22:21:10 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
zbRCYwcnguOD1-4OPOBXAnFid2BQfWwpRSlGHp9sytJHsZnalVop-w==
ads
securepubads.g.doubleclick.net/gampad/ 		97 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3278476289912146&correlator=3301161530553240&eid=31068846%2C31061690%2C31068520%2C31062930&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=44890869%3A14363285%2Cca-pub-3831894559014614-tag%2Ca5520160-301d-47df-9863-5f4d53a6f95d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=10&adks=2742040516&sfv=1-0-38&ists=1&fas=8&fsapi=false&prev_scp=ti%3Da683aaf6-8d0e-4279-b003-98d6543a4e4e%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D90&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660112923241&lmt=1660112923&dlt=1660112922337&idt=875&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
feb41a4217ae4da14021cb9e84a811930059867a0802c85b825b7f241da8b028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26849
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E27E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Thu, 10 Aug 2023 06:28:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022080401.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022080401.js?cb=31068846
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
897b0eda2eb5e7df39acd929ba9f3f0b30d84594239cef6874c91aabff9e3f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 10:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13600
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 08:38:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 08 Aug 2023 10:48:15 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		7 KB
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3278476289912146&correlator=3301161530553240&eid=31068846%2C31061690%2C31068520%2C31062930&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=60345044%2CNew_Pirsom_Top%2CFarfeshplus_Disply_Adsense%2CFarfeshplus_Adsense_120x600%2CFarfeshplus_Adsense_160x600%2CFarfeshplus_Adsense_300x250%2CFarfeshplus_Adsense_300x600%2CFarfeshplus_Adsense_320x100%2CFarfeshplus_Adsense_320x50%2CFarfeshplus_Adsense_728x90%2CFarfeshplus_Adsense_970x250%2CFarfeshplus_Adsense_970x90%2CFarfeshplus_Adsense_Mobile_300x250%2CFarfeshplus_Adsense_Mobile_320x100%2CFarfeshplus_Adsense_Mobile_320x50%2CFarfeshplus_Adsense_1x1%2CFarfeshplus_Adsense_2x2&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2C%2F0%2F1%2F2%2F11%2C%2F0%2F1%2F2%2F12%2C%2F0%2F1%2F2%2F13%2C%2F0%2F1%2F2%2F14%2C%2F0%2F1%2F2%2F15%2C%2F0%2F1%2F2%2F16&prev_iu_szs=120x600%2C160x600%2C300x250%2C300x600%2C320x100%2C320x50%2C728x90%2C970x250%2C970x90%2C300x250%2C320x100%2C320x50%2C1x1%2C2x2&ifi=11&adks=1526976730%2C1651502043%2C3656393900%2C4154195829%2C2147660256%2C3973651019%2C3130311824%2C2170074160%2C2951505691%2C1626958939%2C1572793433%2C287711858%2C897820444%2C3574112895&sfv=1-0-38&fsapi=false&cust_params=amznbid%3D1%26amznp%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1660112923256&lmt=1660112923&dlt=1660112922337&idt=875&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e148991f8a9bbcb602cf5dccf5cc86b5417d48cd99e7038968d1294f9d1a530d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
427
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		370 KB
120 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3278476289912146&correlator=3301161530553240&eid=31068846%2C31061690%2C31068520%2C31062930&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=14363285%2Cfarfesh1%2Cfarfeshplus2%2Cfarfeshplus160x600%2Cfarfeshplus970%2Cplus1%2Cplusmobile1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F6&prev_iu_szs=728x90%2C336x280%2C160x600%2C970x90%2C300x600%2C300x250%2C300x250&ifi=25&adks=776271603%2C3322378304%2C2979733013%2C824285408%2C2632367365%2C110824952%2C3481022382&sfv=1-0-38&fsapi=false&cust_params=amznbid%3D1%26amznp%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1660112923259&lmt=1660112923&dlt=1660112922337&idt=875&adxs=-9%2C-9%2C1020%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C3505%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C1%7C-1%7C-1%7C-1%7C-1&ucis=g%7Ch%7Ci%7Cj%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&frm=20&vis=1&psz=0x-1%7C0x-1%7C160x600%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C160x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C4%2C2%2C2%2C2%2C2&ohw=0%2C0%2C1600%2C0%2C0%2C0%2C0&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
1b35871aecd23c2b4d17ccf35785b546ae3011e8551d2c54beb79fc68d241c18
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJXG08jSu_kCFQvJdwodOvcJzA&gqi=&layout=/sadbundle/%24csp%253Der3%24/850270515666222008/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJXG08jSu_kCFQvJdwodOvcJzA&gqi=&layout=/sadbundle/%24csp%253Der3%24/850270515666222008/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1,-1,-1,-1,-1,-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122984
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
date
Wed, 10 Aug 2022 06:28:43 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		3 KB
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3278476289912146&correlator=3301161530553240&eid=31068846%2C31061690%2C31068520%2C31062930&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21806386006%2CPA_FP_TOP%2CFP.com&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=300x250%2C468x60%2C320x50%2C728x90%2C160x600%7C120x600%7C300x600%2C1x1%2C1x1&ifi=32&adks=2224618779%2C4108430986%2C2669165439%2C3470492618%2C14602686%2C1112794037%2C1112794038&sfv=1-0-38&ists=1&fsapi=false&cust_params=amznbid%3D1%26amznp%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1660112923263&lmt=1660112923&dlt=1660112922337&idt=875&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=n%7Co%7Cp%7Cq%7Cr%7Cs%7Ct&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
bd2095b011c0d67cf8b867c5e56caeaf30eb675195419e4c008344b28b4e05f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Farfesh.com%20%7C%20%D9%85%D9%88%D9%82%D8%B9%20%D9%81%D8%B1%D9%81%D8%B4&time=1660112923274&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&random_number=13866144847&sess_cookie=859362511828670ea89d3b4b594&sess_cookie_flag=1&user_cookie=859362511828670ea89d3b4b594&user_cookie_flag=1&dynamic=true&domain=farfeshplus.online&account=FnJwi1aUS/00MS&jsv=20130128&user_lang=en-US
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-55.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 05:09:09 GMT
Via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
4972
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA60-P1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
MVDCryAPJc2mac5bvwopc-q9201ANI1nvwxzlKcwqrIMPUx92XsXmg==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.62.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-62-241.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
server
Server
ads
googleads.g.doubleclick.net/pagead/ Frame 3A55 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=3827245123&adk=203976336&adf=54630664&pi=t.ma~as.3827245123&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922944&bpp=1&bdt=607&idt=331&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IHvfmFgPD1&p=https%3A//www.farfeshplus.online&dtd=333
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34cd2db00c567f11e4d61fbafd2b1fe65a1e663b2d9de40533de20db60a0a073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=farfeshplus.online_fluid_lb_farfesh728x90&pdc=0.024090151676688227&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G7ZPWH81GAPF7W0DSP0JFQJ5
date
Wed, 10 Aug 2022 06:28:43 GMT
cf-cache-status
HIT
age
2263043
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7386ac4a9d11bb8f-FRA
bid
c.amazon-adsystem.com/e/dtb/ 		165 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&pid=thXqxflBiTDDr&cb=3&ws=1600x1200&v=22.8.42053&t=2000&slots=%5B%7B%22sd%22%3A%22farfeshplus.online_fluid_lb_farfesh728x90%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
31896f8d72716c4ddb86fd8400363e7c2c531a526052840c573c740c45f34ae7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
KQV95ZZH354CB0XCHG3Z
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
165
x-amz-cf-id
S3l5obXXklr5ZvEUC0ETBGGPyzx6V53HV4OHm9MoLucAnBEuEcfyPA==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
2436
x-amz-server-side-encryption
AES256
x-amz-request-id
9JX0RKGHVV5W42MP
x-amz-id-2
15HOUoEJCHY+1utSwM72MJU0ZQLqtL4XKhDkFy6TnIaG8KpMAd+QK+DqzTi9BUQrV2DGKcC5l7A=
last-modified
Wed, 27 Jul 2022 15:06:46 GMT
server
cloudflare
etag
W/"a49d5e2684c7e5d488d526ca41c2f3e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7386ac4bc92d6910-FRA
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=farfeshplus.online_728x90_sticky_display_bottom_new-sticky-right&pdc=0.5524959228940748&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G7ZPWH81GAPF7W0DSP0JFQJ5
date
Wed, 10 Aug 2022 06:28:43 GMT
cf-cache-status
HIT
age
2263043
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7386ac4a9d21bb8f-FRA
all.js
connect.facebook.net/en_US/ 		299 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=7e8b20ec9812677ed7f69cefb2dba460
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d6746c7248aa903ecf97e6b71c8c81b10f9ad49a5c77dedfa49aff77be940ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.farfeshplus.online/
Origin
https://www.farfeshplus.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
NcxTDpqbubCPRxhl4wCA6A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86250
x-fb-rlafr
0
x-fb-debug
tY8ddqrUdQBVP7/2fWM3ogzVHlzB3gz2iuT2nCstnkZCtjGrzL2ioC3NnpjOAZy5NV3oXzp0krA21NaTLsRehg==
x-fb-content-md5
118a41674e121cc4272949a99eab91ce
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 10 Aug 2022 06:28:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"9d52a21c222c5bb1a709c1155f5009a4"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 09 Aug 2023 16:34:50 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=farfeshplus.online_728x90_sticky_display_bottom_stiky-bottom&pdc=0.31020781073944614&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G7ZPWH81GAPF7W0DSP0JFQJ5
date
Wed, 10 Aug 2022 06:28:43 GMT
cf-cache-status
HIT
age
2263043
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7386ac4aad33bb8f-FRA
ads
googleads.g.doubleclick.net/pagead/ Frame A0FD 		111 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88f7a95d7936fdd87f077cdc042ae78b2bd206342905eaa0b758aa9e7bad0229
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIP81MjSu_kCFRdbGAod1QwOug&gqi=G1DzYsqoE8TIgAedn6-oDw&layout=/sadbundle/%24csp%253Der3%24/4990041485613105039/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
43051
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIP81MjSu_kCFRdbGAod1QwOug&gqi=G1DzYsqoE8TIgAedn6-oDw&layout=/sadbundle/%24csp%253Der3%24/4990041485613105039/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2503 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96f89ccaa9691f589914f0a82e81865ffa6ddc3c1a4017a16095b7aeedea7a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9784
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9NTBGJYJES&gtm=2oe880&_p=494893594&cid=863081066.1660112923&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660112923&sct=1&seg=0&dl=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&dt=Farfesh.com%20%7C%20%D9%85%D9%88%D9%82%D8%B9%20%D9%81%D8%B1%D9%81%D8%B4&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9NTBGJYJES&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D25A 		48 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d80270fca800211f69c6daf5166d3a8245d8aac8c236b158709cb6b5a39406c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11298
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BEED 		133 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4daebe1b8920f9738e281da8af6b780e98c1dce00311fe3ed07e69d2a3efa69
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COPE2MjSu_kCFTkFewodOZYAdA&gqi=G1DzYqLeFtqIgAec47e4BA&layout=/sadbundle/%24csp%253Der3%24/13842806366495536883/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
45218
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COPE2MjSu_kCFTkFewodOZYAdA&gqi=G1DzYqLeFtqIgAec47e4BA&layout=/sadbundle/%24csp%253Der3%24/13842806366495536883/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=494893594&t=pageview&_s=1&dl=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&ul=en-us&de=windows-1256&dt=Farfesh.com%20%7C%20%D9%85%D9%88%D9%82%D8%B9%20%D9%81%D8%B1%D9%81%D8%B4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1515440977&gjid=603398878&cid=863081066.1660112923&tid=UA-192956646-1&_gid=418760737.1660112923&_r=1&gtm=2ou880&z=2112682371
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.farfeshplus.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
thesansarabic-plain-webfont.ttf
www.farfeshplus.online/fontsNew/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/fontsNew/thesansarabic-plain-webfont.ttf
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/fontsNew/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.18.205.182 Gan Yavne, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
29284b45a7fc45684d9643d2da72c9010f383f7cb63a82c783913719b266e0d2

Request headers

Referer
https://www.farfeshplus.online/fontsNew/fonts.css
Origin
https://www.farfeshplus.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:43 GMT
Last-Modified
Mon, 02 Oct 2017 07:12:27 GMT
age
0
ETag
"d5e299cd4d3bd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
application/octet-stream
cache-control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51232
ads
securepubads.g.doubleclick.net/gampad/ 		112 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3278476289912146&correlator=2970025914872234&eid=31068846%2C31061690%2C31068520%2C31062930&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=44890869%3A14363285%2Cca-pub-3831894559014614-tag%2Cdfee78fb-3146-4dbb-a33c-a0f0783824c3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=41&adks=2962285566&sfv=1-0-38&fsapi=false&prev_scp=ti%3Da683aaf6-8d0e-4279-b003-98d6543a4e4e%26bid%3D0.51%26bid-p%3Dgoogle%26bsc%3D90&eri=1&sc=1&cookie=ID%3D45e7d6a8bb8793e1-22d66c73edcd0093%3AT%3D1660112923%3AS%3DALNI_MYXeiuBPn3vG1k3IwtX9_PetJ57Hg&abxe=1&dt=1660112923394&lmt=1660112923&dlt=1660112922337&idt=875&adxs=1440&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=u&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
cb1828e7d954e97e37d4eef3a5f19f4396d17613254be1c941ccd1012cfc6e27
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWu28jSu_kCFZandwodolYCcA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6379025172620985042/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWu28jSu_kCFZandwodolYCcA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6379025172620985042/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43843
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Wed, 10 Aug 2022 06:28:43 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=3278476289912146&vrg=2022080401&nw_id=60345044%2C21806386006%2C14363285%2C__extra__&nslots=31&eid=31068846%2C31061690%2C31068520%2C31062930&pub_url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&sig=0&req=0&req_cnt=6&dm=8
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3278476289912146&correlator=182074805980499&eid=31068846%2C31061690%2C31068520%2C31062930&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=44890869%3A14363285%2Cca-pub-3831894559014614-tag%2C8352ff33-492e-47e6-bebc-b9879885141c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=42&adks=1704484574&sfv=1-0-38&fsapi=false&prev_scp=ti%3Da683aaf6-8d0e-4279-b003-98d6543a4e4e%26bid%3D0.13%26bid-p%3Dgoogle%26bsc%3D90&eri=1&sc=1&cookie=ID%3D45e7d6a8bb8793e1-22d66c73edcd0093%3AT%3D1660112923%3AS%3DALNI_MYXeiuBPn3vG1k3IwtX9_PetJ57Hg&abxe=1&dt=1660112923400&lmt=1660112923&dlt=1660112922337&idt=875&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=v&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
02b15fe2dd379519a9481c1a201eb5c11892c18d33127822ab4bdf69c715843e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12419
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
hb_323303_12961.js
player.aplhb.adipolo.com/prebidlink/461142/ 		1 B
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/461142/hb_323303_12961.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/farfeshheadtag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
last-modified
Mon, 08 Aug 2022 12:55:19 GMT
server
nginx
etag
"62f107b7-1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
1
expires
Wed, 10 Aug 2022 07:28:43 GMT
wrapper_hb_323303_12961.js
player.aplhb.adipolo.com/prebidlink/461142/ 		127 B
352 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/461142/wrapper_hb_323303_12961.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/farfeshheadtag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
5ea995481d7dfddb5307f94aedabe955e8bdd9ba40b925007532997185cd35c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
last-modified
Mon, 08 Aug 2022 12:54:42 GMT
server
nginx
etag
W/"62f10792-7f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Wed, 10 Aug 2022 07:28:43 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10353748
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7068
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
server
cloudflare
etag
"5ed61610-1b9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYXHWihHSiN2lunZ6j3fBn%2FxrWimZ%2F6o%2FBI1TJfj3cB9JI54PQ8UtA2XAf4TQ3IE5oscH8LZAX%2FRDCGUu%2BV7d%2BXlOJ68kUKLutzxgm78zHgEJFvzl%2FnLfuaxXVnQq6jpkC3w0tNeOJJdGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7386ac4c2cd6bb95-FRA
ads
googleads.g.doubleclick.net/pagead/ Frame 20D5 		110 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35056c1afa8c32f713f9ce76056402ea38c11c1c3fdc3b12a420122699fb97c5
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK-a3MjSu_kCFdjOsgodMbENtQ&gqi=G1DzYrjGGpP4gAez_Y7YCw&layout=/sadbundle/%24csp%253Der3%24/4990041485613105039/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
42691
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK-a3MjSu_kCFdjOsgodMbENtQ&gqi=G1DzYrjGGpP4gAez_Y7YCw&layout=/sadbundle/%24csp%253Der3%24/4990041485613105039/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5885 		131 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e9e7402255ed620555809c90523c8111a4eb51832cc31e6008838ba33ed54bf
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1576807414729870166/Heroal_D_72_970x250_DE.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1576807414729870166/Heroal_D_72_970x250_DE.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK-v3MjSu_kCFZPw7QodGcsBRA&gqi=G1DzYs-WG9HH7gPJ-LSgAg&layout=/sadbundle/%24csp%253Der3%24/1576807414729870166/Heroal_D_72_970x250_DE.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
44481
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1576807414729870166/Heroal_D_72_970x250_DE.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1576807414729870166/Heroal_D_72_970x250_DE.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK-v3MjSu_kCFZPw7QodGcsBRA&gqi=G1DzYs-WG9HH7gPJ-LSgAg&layout=/sadbundle/%24csp%253Der3%24/1576807414729870166/Heroal_D_72_970x250_DE.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:44 GMT
expires
Wed, 10 Aug 2022 06:28:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3EEB 		120 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7642527fb293d111c8eb43947e492b75dd9359ba85810cd2e0e0ee56b3d98b67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
19466
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:44 GMT
expires
Wed, 10 Aug 2022 06:28:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4907 		112 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcf2dc7e2e6221d073f0de71af49dac328118d24dfa61b3efce7a88b33871261
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMbi4cjSu_kCFUSIsgodCSIGuQ&gqi=G1DzYt2PII-2x_APxMWC8AE&layout=/sadbundle/%24csp%253Der3%24/5452420620895986848/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
43472
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMbi4cjSu_kCFUSIsgodCSIGuQ&gqi=G1DzYt2PII-2x_APxMWC8AE&layout=/sadbundle/%24csp%253Der3%24/5452420620895986848/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:44 GMT
expires
Wed, 10 Aug 2022 06:28:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 2ED7 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922943&bpp=1&bdt=606&idt=213&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=25RoGZ341m&p=https%3A//www.farfeshplus.online&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 06:22:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 06:28:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 06:28:43 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 2ED7 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922943&bpp=1&bdt=606&idt=213&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=25RoGZ341m&p=https%3A//www.farfeshplus.online&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:46:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2561
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:46:02 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 2ED7 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922943&bpp=1&bdt=606&idt=213&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=25RoGZ341m&p=https%3A//www.farfeshplus.online&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:18:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 2ED7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922943&bpp=1&bdt=606&idt=213&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=25RoGZ341m&p=https%3A//www.farfeshplus.online&dtd=219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2ED7 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922943&bpp=1&bdt=606&idt=213&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=25RoGZ341m&p=https%3A//www.farfeshplus.online&dtd=219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 2ED7 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922943&bpp=1&bdt=606&idt=213&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=25RoGZ341m&p=https%3A//www.farfeshplus.online&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3378
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:32:25 GMT
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 2ED7 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922943&bpp=1&bdt=606&idt=213&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=25RoGZ341m&p=https%3A//www.farfeshplus.online&dtd=219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
547147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 22:29:36 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 08DE 		75 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43042a463b67481a52fa4fd63c07d65bf068e9c2aa2e90073b61c55d168cb6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
18284
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:44 GMT
expires
Wed, 10 Aug 2022 06:28:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=382287608570983&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=7e8b20ec9812677ed7f69cefb2dba460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
BqpqWZohk0eFWR7Id11GYvTwKrldSg0Ao81BPWhWp/mSVi04DUaa6Hor5RQ7ksULcXfNynBPPob7KWtqThfJIw==
fb-s
unknown
date
Wed, 10 Aug 2022 06:28:43 GMT
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
e.js
live.demand.supply/x/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G5QK65E5BCC6Q567N3C0V0PB
date
Wed, 10 Aug 2022 06:28:43 GMT
cf-cache-status
HIT
age
1538922
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7386ac4c4f20bb8f-FRA
iu3
aax-eu.amazon-adsystem.com/s/ Frame AD31
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_n-Outbrain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_n-Outbrain&dcc=t
65 B
686 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
65
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 10 Aug 2022 06:28:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
B4SM4NMEK6RFE2RZGFD7

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 10 Aug 2022 06:28:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_cnv_n-Outbrain&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GMHQXSZ0RAB5KQXF0499
esp.js
cdn.id5-sync.com/api/1.0/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf019a1e03162a3ab267c3dc07d7eb9b1ddb76ce703755c49a7ca9edbd1d87db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
2430
x-amz-server-side-encryption
AES256
x-amz-request-id
EFW46WRE6EPSEFJA
x-amz-id-2
f/2AfHZsI6GiuE6lReLZW3bkiVxSpr3dkeCNNR/OmJog8UTDB515G9JX5Jw7J4vy0655f4EDs8c=
last-modified
Wed, 27 Jul 2022 15:06:46 GMT
server
cloudflare
etag
W/"ce8697e279fcae53e3ebebe92f9e8909"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7386ac4c59c16910-FRA
container.html
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4676 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Thu, 10 Aug 2023 06:28:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.2&b=3&r=farfeshplus.online_auto_interstitial_desktop&sy=74a526a9-a05c-4046-9127-e941198f809b&ts=90&cd=2&pud=105&pus=c&pue=2286&pid=22&pis=c&pie=2319&ppd=64&pps=a&ppe=2361&pad=75&pas=c&pae=2254&pcl=3398&ttc=2866&tti=3420&ttif=0&lca=2361&lcak=ppe&lct=2361&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.farfeshplus.online&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=a683aaf6-8d0e-4279-b003-98d6543a4e4e&e=lm&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G7ZPWH81GAPF7W0DSP0JFQJ5
date
Wed, 10 Aug 2022 06:28:43 GMT
cf-cache-status
HIT
age
2263043
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7386ac4c7f5dbb8f-FRA
adview
googleads.g.doubleclick.net/pagead/ Frame 2ED7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1QpSG1DzYtenDMuNywWFy63ICuPRgo5i5Izji4MPjreH094gEAEgrYmDJmCV8p-CsAegAa_4lPwCyAEJqQIgcRxRqiSxPqgDAcgDywSqBO8BT9D8omLxf56-Ybnxj2YLYA3uvvx2H3xedLKnVwmMu1qLy1ZnK9Fk9g1SXzSJ2h4lke4LAdHhbhQmcLnnKqLEdap8EheUKGHs977m5HLrg0hb4pyp79jff5b63HB5Ul3DWMePQLNdulPJ7L47z36wKM_t7iOuAwQuq3PRdHugkPWjqau-wlK2cq1T__TdbIEtXmXz-eaSFUgXOwOR_XgelMTg2DxNgDNzt2MmIESjszisda9ZAB7aVYAlyDtxDGcKE1RZlc1chf8pPSHEqCFgZUBJUqPhERaQQ8dDiG3JLGjHJfP0apNcA8dLxqECCt3ABMyekNTzAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe5h-uDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEKZ40ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTYyNjYzMTMxOTAwODcxNzMYAA&sigh=0NzumhgLhNk&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922943&bpp=1&bdt=606&idt=213&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=25RoGZ341m&p=https%3A//www.farfeshplus.online&dtd=219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922943&bpp=1&bdt=606&idt=213&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=25RoGZ341m&p=https%3A//www.farfeshplus.online&dtd=219
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
like.php
web.facebook.com/plugins/ Frame 9F37 		0
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.facebook.com/plugins/like.php?action=like&app_id=382287608570983&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df21dfa9d84cc45%26domain%3Dwww.farfeshplus.online%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.farfeshplus.online%252Ff1d88958d5c0b6%26relation%3Dparent.parent&container_width=100&href=https%3A%2F%2Fwww.farfeshplus.online%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=50
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=7e8b20ec9812677ed7f69cefb2dba460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
x-content-type-options
nosniff
x-fb-debug
p41gTUz+XFLIo3S8Rq4WliopLLN6g+4TQnlkOPrtQJX/Zz//d4BV9ANSJHru8JdeMX9O4tx776nMyEmFjOjb/A==
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2503 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B4mGRqXzIQRHwaNDbgF285V5yCSJvhY9lyUIdwtIeKXjaTulh_SHSDPCPq4Slb8LiD3c8_4ioGINmwQsp-kWxHY8Y1UkaClTlCnvNZBacccCdqKP8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 2503 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2503 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 2503 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:59:14 GMT
l
www.google.com/ads/measurement/ Frame 2503 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfw_skb1F8YQ9c4ZgN7VMClAsFxoRer-oMAVh8h1dUY6IEEtD9vzo7HeNox4rPDFkmXfr97olcED5moBBg7Ke1nsfRCw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
45304f215410bd82f9bd333bf646b18e488d6ba86b1b9fc6fea6d50a1048d677

Request headers

Referer
https://www.farfeshplus.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.farfeshplus.online
date
Wed, 10 Aug 2022 06:28:42 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 402A 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnuqZyAEwAQ&v=APEucNUA8I-ucbuj_c-cMUecQshzd_x5PfnY_Dlw6cSOhko9cz5HQmrst7uQbmYBSsEsV-_pSfzCTsaRKc46PNcuhxAa_QCpTw9n6Nj8l6sm-0RQLNWXfQg0eyaUEORbFCox4jIvUKSUwB14AqlRFVpC24BW34kwZFIuujlTy8HaNOljpbJKpD4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2503 		101 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DL7KVgP0Mmc2zFw0yGxIH4CPqC-82SD22ex6aNChxShEzsulWGoUo35UynefAb8SCBD1oPCbS2IObMot6ZVRmslmSy_lacRY_Vx3NWAJXcr2NznOvwFecIyS7h5AMDfWSYbHZgmRqzajeQh0U5D6Q2BgwBOw&dbm_d=AKAmf-BI8wIqeCRTL4txR3ynswqB9Scl08qsQXAoaFd0KmHVPLnpzNdHqMcH_1vrTkjmmCeA-oLyqga88Al6E1UGBN3xuArI25r7kLWGrz1qVqHCBunEwEpPinR3MX3z15hooQeqdQXs-2j8fQyKfrUThKacD0mrg9XfEfym6QXzB25KfLufsax86DkEyzEDMThRHa0TFaY87xY6lkj-DVj_6-P1cVouaetlTpZLSjaCJJsUYPMtz9sGseP3M3SsZWYRbOUEoV9vj3UJ90tuqCOw3A3AIR_p3IC_RjtwzFhJeqB65Ak9e02hYHdzZvfgrwYuIxtci7lbcgCRBa43RtS81ZxVa_BAWXsdodtXYGg8akldY01QL6Bn793pJxFB19nc2pToYcNCd_L6L2wRqNuRV7PO3D_ryAk1MKY_YPftS66cqYTlc2fk67L_0stEqhQHo2Eq7JLV7Q8e8MOesIXiLmhfc973bCS5nL8Luc1M_NTWtGIfghs0-FKOCVPwnimQcHpoGRMhuvcaZK8sYa88NTiFjVHmSStMR0smXRM1prYVLnHT02sicb7qIcafU_DsXY7Liv5SrrcuaStCmqlYI3LZr1MBw7xIqsdwIT6AC2ZaKRwQNGkNknmkyjNgrvpBSbb4yqwUuxG9bFZzhqYAW5S7Z5qWeCzq3ar0GoLyX7-eY6U6l0UpaUyory9fpz6vaXwhkNNVaDqfkvW69ftBq8RBWctumlYIUzfvryjO7BroILSMu_Gdu1F-zyuNATKgLdzp3eqIVengWNsyjTHM6WQOoVXfSBKOZzUgSfW3eQw3vy9pm1Mf3gWnn97sdlDMo754JHToAPNWov25wFRFdKBupcmDX7IWpZmRaoWQYb6zEiegT4C5lm0u6pHYuJvq16MiIMEPdmfpM0XttNyk9BiHGpDrLCuhNa6mQuNRkcHszPzGCdxcB93yFvDN_THdgO7-MPMrB02w4Q_t0cqTYBAjslFz13_LhK1S_Qe1LDmCnnL6wXL51VqzWbBLHcYB-QAHfDSJfoTovckBDOjCGy7v4UKgsGURW4Vxe02rFQAoS-hblkHQUp0HrGamMoSYgSAaqBiJTOJLgMAM2ghjhKnSnXDzDkw5tmMIUT6wm96msfarJl2yDnpXWq-2kRk_-PxEsKQvCEzuMzp3ICxIobDRI2cc5dA3dp2YD-uiV_DaFa9ypqNeLE9JaAn77QN9i1b3FJUkFbFovf_6HG9alc-QqMR4bmrPtXbvLEFdpkQdBRip-Sip2GQpv5kOWo1pwhTlJJGky0_ffhWPuW4WKlc6p5y9aUpLNDXchXC3A07SvfNj8Dn_QENm3Qy3t2xw2ZNeRzEcpP2WQVeWdJaNnwQAWXjdjiQ2Q-kxoM0P1MhUO9hcI6-mncta9hXsthUhyKoYfeKtFZpsfSN04XFsOo0K4HaHfodrR9sKKvN8qONAqVyd3cy9mxNVGe3Kqn0J2h8jaerQfJegRzpXsPa0B4xGNW8bvc3Zftq4LHx8ylFq1om5eJz71hLyqTkxG_ei5lYGCMinONJ6d1K7C9Mm2NWxmGWP2Dut_kELvsJbZuIlEAFGx9Eqkd7KWSYyaOhjRv4dmSxgoOb7-vC8a1Ub6tyQKY1pcopqzG-V1QgYohmFFrhbhS1uJ0wB-459eVOY5hphlJyQHDVJbV5SqAZwROVYy0_C0I-BUWOlyOx2t9YqWE6o2cSsDYx8nyY53G_MgSF6HcFu4RYfMCwe2VxtiOn7Vv48Ec8Ic2wMoldZlC5U_PU3FwvQTDV7X-dkqEh9tXEzZr9ERZmfUY76G96d98rFdlcUk_r81IXFbTfvJJ418NcJCCw2GKnrlUasD6oV5tBX97YgyQwm-P8gRpW2XBKwe0bPq6QC-gB6vmzYT71TE_duRmpRlH7xUijEMlipkKs6Lx48j-zYBPaOb_2N_tWtEN-JmRaJJrnwjcOm6A6Ep_fgl3oDnv2RX1Jmwvi4Pl-unPSMi_ln9OogkAnDY79f0y4hZKuaxgUPF_8s8ErRFLZBRC50vIMRyL_lz5s36BVIHKAdkLftkCVbjzpNZRDPb5MYi_p2MtMNcIhAd2zf7OOCNIogd3LuSbxWOQ5WKoNNGRU5TVqn0rzsBsUNlOfbYfvmiS0sf1O73L0Kv53fQwmVS_wWAbNQ25X8vwEdH9UKDh65BeMNLXbY6p_UTshs0RoAEaY1_XWmEZIQeHGMj05KCG3rEYwIl7HbHpkcWDISU6LlTWblyt2ihHuVu_JZiiKfx_Xs-qS2u1nRX4Ynnt6xFWTXGgOkBG7kN69Md_0Y4Jo1tx-oDn7mCDBj61YRqO00AoNpKKebmZIB0HgD13IWJL4XZ1C3R1fQjZD-ReTRpxYCZmVq8SeI7BBCJSal9nwb5f48sG21AcrwmE3k__O4N8TWoPLiKVA2n6CFqZ2nx-QLp4_VAuXm1C9kHkujTu_21HJbkdB5y3LbWKFK1YWGHrlg1Hjg5eIrqN_Vy7tFvEFa4-OCVYpXlJFMLzHqbGvhuVeTtT1KU7vFD9wuQRtge9x4TyBFzvUy3JIVkELWGmnPZp2YLCLAlDanHF9v2Oxe_zwK8Gsngk8YmMc55wVoTRI9fAZjgaoT3OKRHN-MMX-LUmiAZN6iJBM5UWzhY6ayQB7P3LbARtiYHYW8O9SXibsyMAXni8Mp8OhoSaVrDuYcw1eckeSaOMAIbc2DOygQfo849CiUyofD0F5_ojrQfL9D1kOCkTCZiMUXzoDnzAMLq-P7_BBb0uHbFAH7Hki4osQ9BLV1kM4lu0rx9biGLqeFtfLZVNd5lYbGODsOhF0EfMXNan8HFJbXomADKog5A8MYOmFhIC_MtPaVhl4287QFySEgyrQnHh5-GwTH1g5w6RJoqi-pcxYWXIe3O8SUu1_963aLR6IQIuxZCNQIJwRFMUwKt0VteWyqCrgq73VENIkAcijaoc0jzEpqYRHHx25vsuiPxk7BgHIeCA9a_HMGRjnneuT1dFZjCj8NkjHWFB0MbOXqmNvzd4oaNYJn-Hl1A8b2CC0VxeFsK8UiFfhatluUJWS_FkRwV2u2Gad95-4n1R3287H7EyNIthu_Q7Qr84jRS3h9UCQrF-7C_jtH7SelW4rVVHnDTNXAl2sJOEAxe0IJMb7x8rMhM32CkK-IRenBQ1Gc6fKVRXdOmGLpxz7l5nYAgnrAuvbRAHSGZWCGTy2BHB7x2ocQYXMJXrxPynlU7Zg5NM7YMXRBAJBu43CAUUq1uUI3i8PujpnBD05V6TXkd0E54neg-XM9NpvHF6a0V-rWaXBkomEM9OI&cid=CAASEuRo70R-sSpPOeZl0PfkRZi0SQ&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
611c38f05c96ec32e94c9f536934519bf46d635d2dcc4feb4cd4d7e8ae109473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37888
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 4676 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 06:19:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 06:28:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 06:28:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 496C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:36:34 GMT
css
fonts.googleapis.com/ Frame 496C 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 06:19:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 06:28:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 06:28:43 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/ Frame 496C 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.css
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 12:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 10:45:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 12:52:43 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/ Frame 496C 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b0c868e05a8b05c5653a259a40647d60b3cfea7ed14903beaf1298d72e519fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 12:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149760
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126003
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 10:45:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 12:52:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 496C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:59:14 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame 4676 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:58:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1798
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8392
x-xss-protection
0
server
cafe
etag
14983445617412810031
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:58:45 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		138 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3278476289912146&correlator=1391549590032639&eid=31068846%2C31061690%2C31068520%2C31062930&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=44890869%3A14363285%2Cca-pub-3831894559014614-tag%2Cb6a0ef06-13cd-44ba-903b-75656c29f506&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=760x100&ifi=45&adks=1331542051&sfv=1-0-38&fsapi=false&prev_scp=ti%3Da683aaf6-8d0e-4279-b003-98d6543a4e4e%26bid%3D0.02%26bid-p%3Dgoogle%26bsc%3D90&eri=1&sc=1&cookie=ID%3D73f1f3290a10d589%3AT%3D1660112923%3AS%3DALNI_MZTgbQu_oc7UWt51DjA76P81msaLA&abxe=1&dt=1660112923703&lmt=1660112923&dlt=1660112922337&idt=875&adxs=420&adys=1978&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=w&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&frm=20&vis=1&psz=760x-1&msz=760x-1&fws=4&ohw=1600&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3b24b158b301234fff5a75a80081d67fb0f471e6316e847fe387d9927af0bab0
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNbk7cjSu_kCFY6Fgwcd23sKPg&gqi=&layout=/sadbundle/%24csp%253Der3%24/863300823173379816/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNbk7cjSu_kCFY6Fgwcd23sKPg&gqi=&layout=/sadbundle/%24csp%253Der3%24/863300823173379816/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45569
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Wed, 10 Aug 2022 06:28:44 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3278476289912146&correlator=1391549590032639&eid=31068846%2C31061690%2C31068520%2C31062930&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A22477364305%2Capl%2Cfarfeshapl%2Cdisplay%2Ccubes%2Crich2%2Cnativefeedapl%2Csky%2Cresponsive%2Cresponsive3%2Cresponsive4%2Cresponsive5%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F2%2F3%2F7%2C%2F0%2F1%2F2%2F3%2F8%2C%2F0%2F1%2F2%2F3%2F9%2C%2F0%2F1%2F2%2F3%2F10%2C%2F0%2F1%2F2%2F3%2F11%2C%2F0%2F1%2F2%2F3%2F12&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250%2C468x60%7C320x50%7C320x100%2C320x50%2C120x600%7C160x600%7C300x600%2C970x250%2C970x250%2C970x250%2C970x250%2C970x90%7C728x90&fluid=0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0&ifi=46&adks=1076104053%2C1076104042%2C1076104043%2C1076104040%2C708489848%2C2775142774%2C4011929043%2C2756758905%2C1435558829%2C1986298117%2C1579363975%2C3435151535&sfv=1-0-38&fsapi=false&prev_scp=%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7Ctest%3Drefresh&sc=1&cookie=ID%3D73f1f3290a10d589%3AT%3D1660112923%3AS%3DALNI_MZTgbQu_oc7UWt51DjA76P81msaLA&abxe=1&dt=1660112923706&lmt=1660112923&dlt=1660112922337&idt=875&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=x%7Cy%7Cz%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c34c52853a47826f71598203a51cb0be8aafbbb5a89506332513ddf15e28f0c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
280
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.farfeshplus.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.farfeshplus.online
date
Wed, 10 Aug 2022 06:28:43 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
1113.json
id5-sync.com/g/v2/ 		212 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1113.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
b93ca25d6f46b958d7b9ba8af66a1f16d8b0e483ac51ef307cef71581b6be7e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.farfeshplus.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.farfeshplus.online
date
Wed, 10 Aug 2022 06:28:43 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
rum
dsum-sec.casalemedia.com/ Frame 402A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgjyK8sXY-emA5d46KD430&google_cver=1
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgjyK8sXY-emA5d46KD430&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnuqZyAEwAQ&v=APEucNUA8I-ucbuj_c-cMUecQshzd_x5PfnY_Dlw6cSOhko9cz5HQmrst7uQbmYBSsEsV-_pSfzCTsaRKc46PNcuhxAa_QCpTw9n6Nj8l6sm-0RQLNWXfQg0eyaUEORbFCox4jIvUKSUwB14AqlRFVpC24BW34kwZFIuujlTy8HaNOljpbJKpD4
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7386ac4e2b1092a8-FRA
pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3uscPMra2SFbVhmsjrbuJXPU8Y51Vq5cfgdN37KwLnuNXaPfzHf5UjtBJcXpShjsIWNHsItPc5ErZXonPvGzyiBGUnZVU03IXDhvt6CvJCgSs7AJVLJpseEGheG2EdaEHpRhQNMq8PU8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgjyK8sXY-emA5d46KD430&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 402A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvNQG2SNzLmPXUfux7me6QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKG8f6lx1n11UWP6UqMCDB0&google_cver=1
43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKG8f6lx1n11UWP6UqMCDB0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnuqZyAEwAQ&v=APEucNUA8I-ucbuj_c-cMUecQshzd_x5PfnY_Dlw6cSOhko9cz5HQmrst7uQbmYBSsEsV-_pSfzCTsaRKc46PNcuhxAa_QCpTw9n6Nj8l6sm-0RQLNWXfQg0eyaUEORbFCox4jIvUKSUwB14AqlRFVpC24BW34kwZFIuujlTy8HaNOljpbJKpD4
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7386ac4f8c5292a8-FRA
pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zz9UW54NmfgnyAFJ7AeMCR0aErR%2BtVaadIYumfaYfrFxm5dYsqzIvTaHlC04V1gS8TmQtRbBnZ2UlBeeXbRy5MvsehpdfjdiVSyEwan0PdwabE6si837AbRAP0BX4T7lSDo0u9pf0RAkZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKG8f6lx1n11UWP6UqMCDB0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 402A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFhiVKP1z8V9owP-Byd_Mws&google_cver=1
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFhiVKP1z8V9owP-Byd_Mws&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnuqZyAEwAQ&v=APEucNUA8I-ucbuj_c-cMUecQshzd_x5PfnY_Dlw6cSOhko9cz5HQmrst7uQbmYBSsEsV-_pSfzCTsaRKc46PNcuhxAa_QCpTw9n6Nj8l6sm-0RQLNWXfQg0eyaUEORbFCox4jIvUKSUwB14AqlRFVpC24BW34kwZFIuujlTy8HaNOljpbJKpD4
Protocol
HTTP/1.1
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 06:28:43 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
7993513c-18b2-41f3-a34a-5d7faf3dc9cb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFhiVKP1z8V9owP-Byd_Mws&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 402A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjA5NjUxMzUzODQyMDY5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjA5NjUxMzUzODQyMDY5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnuqZyAEwAQ&v=APEucNUA8I-ucbuj_c-cMUecQshzd_x5PfnY_Dlw6cSOhko9cz5HQmrst7uQbmYBSsEsV-_pSfzCTsaRKc46PNcuhxAa_QCpTw9n6Nj8l6sm-0RQLNWXfQg0eyaUEORbFCox4jIvUKSUwB14AqlRFVpC24BW34kwZFIuujlTy8HaNOljpbJKpD4
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 06:28:43 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
4ae63ca7-b8e9-47cb-a7c7-71cd80b26d73
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjA5NjUxMzUzODQyMDY5
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 83BB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Thu, 10 Aug 2023 06:28:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1707 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Thu, 10 Aug 2023 06:28:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame D5E3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1660112923&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922943&bpp=1&bdt=606&idt=213&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=25RoGZ341m&p=https%3A//www.farfeshplus.online&dtd=219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
62437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:08:06 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/886862/62195782/ Frame 2503 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/886862/62195782/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.251.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-251-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7fa651719293804b3ab13aeb4445088ac9c175595082625de6f1a6e3f3bb620a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2503 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 11:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Aug 2022 11:11:42 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame 2503 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DL7KVgP0Mmc2zFw0yGxIH4CPqC-82SD22ex6aNChxShEzsulWGoUo35UynefAb8SCBD1oPCbS2IObMot6ZVRmslmSy_lacRY_Vx3NWAJXcr2NznOvwFecIyS7h5AMDfWSYbHZgmRqzajeQh0U5D6Q2BgwBOw&dbm_d=AKAmf-BI8wIqeCRTL4txR3ynswqB9Scl08qsQXAoaFd0KmHVPLnpzNdHqMcH_1vrTkjmmCeA-oLyqga88Al6E1UGBN3xuArI25r7kLWGrz1qVqHCBunEwEpPinR3MX3z15hooQeqdQXs-2j8fQyKfrUThKacD0mrg9XfEfym6QXzB25KfLufsax86DkEyzEDMThRHa0TFaY87xY6lkj-DVj_6-P1cVouaetlTpZLSjaCJJsUYPMtz9sGseP3M3SsZWYRbOUEoV9vj3UJ90tuqCOw3A3AIR_p3IC_RjtwzFhJeqB65Ak9e02hYHdzZvfgrwYuIxtci7lbcgCRBa43RtS81ZxVa_BAWXsdodtXYGg8akldY01QL6Bn793pJxFB19nc2pToYcNCd_L6L2wRqNuRV7PO3D_ryAk1MKY_YPftS66cqYTlc2fk67L_0stEqhQHo2Eq7JLV7Q8e8MOesIXiLmhfc973bCS5nL8Luc1M_NTWtGIfghs0-FKOCVPwnimQcHpoGRMhuvcaZK8sYa88NTiFjVHmSStMR0smXRM1prYVLnHT02sicb7qIcafU_DsXY7Liv5SrrcuaStCmqlYI3LZr1MBw7xIqsdwIT6AC2ZaKRwQNGkNknmkyjNgrvpBSbb4yqwUuxG9bFZzhqYAW5S7Z5qWeCzq3ar0GoLyX7-eY6U6l0UpaUyory9fpz6vaXwhkNNVaDqfkvW69ftBq8RBWctumlYIUzfvryjO7BroILSMu_Gdu1F-zyuNATKgLdzp3eqIVengWNsyjTHM6WQOoVXfSBKOZzUgSfW3eQw3vy9pm1Mf3gWnn97sdlDMo754JHToAPNWov25wFRFdKBupcmDX7IWpZmRaoWQYb6zEiegT4C5lm0u6pHYuJvq16MiIMEPdmfpM0XttNyk9BiHGpDrLCuhNa6mQuNRkcHszPzGCdxcB93yFvDN_THdgO7-MPMrB02w4Q_t0cqTYBAjslFz13_LhK1S_Qe1LDmCnnL6wXL51VqzWbBLHcYB-QAHfDSJfoTovckBDOjCGy7v4UKgsGURW4Vxe02rFQAoS-hblkHQUp0HrGamMoSYgSAaqBiJTOJLgMAM2ghjhKnSnXDzDkw5tmMIUT6wm96msfarJl2yDnpXWq-2kRk_-PxEsKQvCEzuMzp3ICxIobDRI2cc5dA3dp2YD-uiV_DaFa9ypqNeLE9JaAn77QN9i1b3FJUkFbFovf_6HG9alc-QqMR4bmrPtXbvLEFdpkQdBRip-Sip2GQpv5kOWo1pwhTlJJGky0_ffhWPuW4WKlc6p5y9aUpLNDXchXC3A07SvfNj8Dn_QENm3Qy3t2xw2ZNeRzEcpP2WQVeWdJaNnwQAWXjdjiQ2Q-kxoM0P1MhUO9hcI6-mncta9hXsthUhyKoYfeKtFZpsfSN04XFsOo0K4HaHfodrR9sKKvN8qONAqVyd3cy9mxNVGe3Kqn0J2h8jaerQfJegRzpXsPa0B4xGNW8bvc3Zftq4LHx8ylFq1om5eJz71hLyqTkxG_ei5lYGCMinONJ6d1K7C9Mm2NWxmGWP2Dut_kELvsJbZuIlEAFGx9Eqkd7KWSYyaOhjRv4dmSxgoOb7-vC8a1Ub6tyQKY1pcopqzG-V1QgYohmFFrhbhS1uJ0wB-459eVOY5hphlJyQHDVJbV5SqAZwROVYy0_C0I-BUWOlyOx2t9YqWE6o2cSsDYx8nyY53G_MgSF6HcFu4RYfMCwe2VxtiOn7Vv48Ec8Ic2wMoldZlC5U_PU3FwvQTDV7X-dkqEh9tXEzZr9ERZmfUY76G96d98rFdlcUk_r81IXFbTfvJJ418NcJCCw2GKnrlUasD6oV5tBX97YgyQwm-P8gRpW2XBKwe0bPq6QC-gB6vmzYT71TE_duRmpRlH7xUijEMlipkKs6Lx48j-zYBPaOb_2N_tWtEN-JmRaJJrnwjcOm6A6Ep_fgl3oDnv2RX1Jmwvi4Pl-unPSMi_ln9OogkAnDY79f0y4hZKuaxgUPF_8s8ErRFLZBRC50vIMRyL_lz5s36BVIHKAdkLftkCVbjzpNZRDPb5MYi_p2MtMNcIhAd2zf7OOCNIogd3LuSbxWOQ5WKoNNGRU5TVqn0rzsBsUNlOfbYfvmiS0sf1O73L0Kv53fQwmVS_wWAbNQ25X8vwEdH9UKDh65BeMNLXbY6p_UTshs0RoAEaY1_XWmEZIQeHGMj05KCG3rEYwIl7HbHpkcWDISU6LlTWblyt2ihHuVu_JZiiKfx_Xs-qS2u1nRX4Ynnt6xFWTXGgOkBG7kN69Md_0Y4Jo1tx-oDn7mCDBj61YRqO00AoNpKKebmZIB0HgD13IWJL4XZ1C3R1fQjZD-ReTRpxYCZmVq8SeI7BBCJSal9nwb5f48sG21AcrwmE3k__O4N8TWoPLiKVA2n6CFqZ2nx-QLp4_VAuXm1C9kHkujTu_21HJbkdB5y3LbWKFK1YWGHrlg1Hjg5eIrqN_Vy7tFvEFa4-OCVYpXlJFMLzHqbGvhuVeTtT1KU7vFD9wuQRtge9x4TyBFzvUy3JIVkELWGmnPZp2YLCLAlDanHF9v2Oxe_zwK8Gsngk8YmMc55wVoTRI9fAZjgaoT3OKRHN-MMX-LUmiAZN6iJBM5UWzhY6ayQB7P3LbARtiYHYW8O9SXibsyMAXni8Mp8OhoSaVrDuYcw1eckeSaOMAIbc2DOygQfo849CiUyofD0F5_ojrQfL9D1kOCkTCZiMUXzoDnzAMLq-P7_BBb0uHbFAH7Hki4osQ9BLV1kM4lu0rx9biGLqeFtfLZVNd5lYbGODsOhF0EfMXNan8HFJbXomADKog5A8MYOmFhIC_MtPaVhl4287QFySEgyrQnHh5-GwTH1g5w6RJoqi-pcxYWXIe3O8SUu1_963aLR6IQIuxZCNQIJwRFMUwKt0VteWyqCrgq73VENIkAcijaoc0jzEpqYRHHx25vsuiPxk7BgHIeCA9a_HMGRjnneuT1dFZjCj8NkjHWFB0MbOXqmNvzd4oaNYJn-Hl1A8b2CC0VxeFsK8UiFfhatluUJWS_FkRwV2u2Gad95-4n1R3287H7EyNIthu_Q7Qr84jRS3h9UCQrF-7C_jtH7SelW4rVVHnDTNXAl2sJOEAxe0IJMb7x8rMhM32CkK-IRenBQ1Gc6fKVRXdOmGLpxz7l5nYAgnrAuvbRAHSGZWCGTy2BHB7x2ocQYXMJXrxPynlU7Zg5NM7YMXRBAJBu43CAUUq1uUI3i8PujpnBD05V6TXkd0E54neg-XM9NpvHF6a0V-rWaXBkomEM9OI&cid=CAASEuRo70R-sSpPOeZl0PfkRZi0SQ&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:21:20 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 2503 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DL7KVgP0Mmc2zFw0yGxIH4CPqC-82SD22ex6aNChxShEzsulWGoUo35UynefAb8SCBD1oPCbS2IObMot6ZVRmslmSy_lacRY_Vx3NWAJXcr2NznOvwFecIyS7h5AMDfWSYbHZgmRqzajeQh0U5D6Q2BgwBOw&dbm_d=AKAmf-BI8wIqeCRTL4txR3ynswqB9Scl08qsQXAoaFd0KmHVPLnpzNdHqMcH_1vrTkjmmCeA-oLyqga88Al6E1UGBN3xuArI25r7kLWGrz1qVqHCBunEwEpPinR3MX3z15hooQeqdQXs-2j8fQyKfrUThKacD0mrg9XfEfym6QXzB25KfLufsax86DkEyzEDMThRHa0TFaY87xY6lkj-DVj_6-P1cVouaetlTpZLSjaCJJsUYPMtz9sGseP3M3SsZWYRbOUEoV9vj3UJ90tuqCOw3A3AIR_p3IC_RjtwzFhJeqB65Ak9e02hYHdzZvfgrwYuIxtci7lbcgCRBa43RtS81ZxVa_BAWXsdodtXYGg8akldY01QL6Bn793pJxFB19nc2pToYcNCd_L6L2wRqNuRV7PO3D_ryAk1MKY_YPftS66cqYTlc2fk67L_0stEqhQHo2Eq7JLV7Q8e8MOesIXiLmhfc973bCS5nL8Luc1M_NTWtGIfghs0-FKOCVPwnimQcHpoGRMhuvcaZK8sYa88NTiFjVHmSStMR0smXRM1prYVLnHT02sicb7qIcafU_DsXY7Liv5SrrcuaStCmqlYI3LZr1MBw7xIqsdwIT6AC2ZaKRwQNGkNknmkyjNgrvpBSbb4yqwUuxG9bFZzhqYAW5S7Z5qWeCzq3ar0GoLyX7-eY6U6l0UpaUyory9fpz6vaXwhkNNVaDqfkvW69ftBq8RBWctumlYIUzfvryjO7BroILSMu_Gdu1F-zyuNATKgLdzp3eqIVengWNsyjTHM6WQOoVXfSBKOZzUgSfW3eQw3vy9pm1Mf3gWnn97sdlDMo754JHToAPNWov25wFRFdKBupcmDX7IWpZmRaoWQYb6zEiegT4C5lm0u6pHYuJvq16MiIMEPdmfpM0XttNyk9BiHGpDrLCuhNa6mQuNRkcHszPzGCdxcB93yFvDN_THdgO7-MPMrB02w4Q_t0cqTYBAjslFz13_LhK1S_Qe1LDmCnnL6wXL51VqzWbBLHcYB-QAHfDSJfoTovckBDOjCGy7v4UKgsGURW4Vxe02rFQAoS-hblkHQUp0HrGamMoSYgSAaqBiJTOJLgMAM2ghjhKnSnXDzDkw5tmMIUT6wm96msfarJl2yDnpXWq-2kRk_-PxEsKQvCEzuMzp3ICxIobDRI2cc5dA3dp2YD-uiV_DaFa9ypqNeLE9JaAn77QN9i1b3FJUkFbFovf_6HG9alc-QqMR4bmrPtXbvLEFdpkQdBRip-Sip2GQpv5kOWo1pwhTlJJGky0_ffhWPuW4WKlc6p5y9aUpLNDXchXC3A07SvfNj8Dn_QENm3Qy3t2xw2ZNeRzEcpP2WQVeWdJaNnwQAWXjdjiQ2Q-kxoM0P1MhUO9hcI6-mncta9hXsthUhyKoYfeKtFZpsfSN04XFsOo0K4HaHfodrR9sKKvN8qONAqVyd3cy9mxNVGe3Kqn0J2h8jaerQfJegRzpXsPa0B4xGNW8bvc3Zftq4LHx8ylFq1om5eJz71hLyqTkxG_ei5lYGCMinONJ6d1K7C9Mm2NWxmGWP2Dut_kELvsJbZuIlEAFGx9Eqkd7KWSYyaOhjRv4dmSxgoOb7-vC8a1Ub6tyQKY1pcopqzG-V1QgYohmFFrhbhS1uJ0wB-459eVOY5hphlJyQHDVJbV5SqAZwROVYy0_C0I-BUWOlyOx2t9YqWE6o2cSsDYx8nyY53G_MgSF6HcFu4RYfMCwe2VxtiOn7Vv48Ec8Ic2wMoldZlC5U_PU3FwvQTDV7X-dkqEh9tXEzZr9ERZmfUY76G96d98rFdlcUk_r81IXFbTfvJJ418NcJCCw2GKnrlUasD6oV5tBX97YgyQwm-P8gRpW2XBKwe0bPq6QC-gB6vmzYT71TE_duRmpRlH7xUijEMlipkKs6Lx48j-zYBPaOb_2N_tWtEN-JmRaJJrnwjcOm6A6Ep_fgl3oDnv2RX1Jmwvi4Pl-unPSMi_ln9OogkAnDY79f0y4hZKuaxgUPF_8s8ErRFLZBRC50vIMRyL_lz5s36BVIHKAdkLftkCVbjzpNZRDPb5MYi_p2MtMNcIhAd2zf7OOCNIogd3LuSbxWOQ5WKoNNGRU5TVqn0rzsBsUNlOfbYfvmiS0sf1O73L0Kv53fQwmVS_wWAbNQ25X8vwEdH9UKDh65BeMNLXbY6p_UTshs0RoAEaY1_XWmEZIQeHGMj05KCG3rEYwIl7HbHpkcWDISU6LlTWblyt2ihHuVu_JZiiKfx_Xs-qS2u1nRX4Ynnt6xFWTXGgOkBG7kN69Md_0Y4Jo1tx-oDn7mCDBj61YRqO00AoNpKKebmZIB0HgD13IWJL4XZ1C3R1fQjZD-ReTRpxYCZmVq8SeI7BBCJSal9nwb5f48sG21AcrwmE3k__O4N8TWoPLiKVA2n6CFqZ2nx-QLp4_VAuXm1C9kHkujTu_21HJbkdB5y3LbWKFK1YWGHrlg1Hjg5eIrqN_Vy7tFvEFa4-OCVYpXlJFMLzHqbGvhuVeTtT1KU7vFD9wuQRtge9x4TyBFzvUy3JIVkELWGmnPZp2YLCLAlDanHF9v2Oxe_zwK8Gsngk8YmMc55wVoTRI9fAZjgaoT3OKRHN-MMX-LUmiAZN6iJBM5UWzhY6ayQB7P3LbARtiYHYW8O9SXibsyMAXni8Mp8OhoSaVrDuYcw1eckeSaOMAIbc2DOygQfo849CiUyofD0F5_ojrQfL9D1kOCkTCZiMUXzoDnzAMLq-P7_BBb0uHbFAH7Hki4osQ9BLV1kM4lu0rx9biGLqeFtfLZVNd5lYbGODsOhF0EfMXNan8HFJbXomADKog5A8MYOmFhIC_MtPaVhl4287QFySEgyrQnHh5-GwTH1g5w6RJoqi-pcxYWXIe3O8SUu1_963aLR6IQIuxZCNQIJwRFMUwKt0VteWyqCrgq73VENIkAcijaoc0jzEpqYRHHx25vsuiPxk7BgHIeCA9a_HMGRjnneuT1dFZjCj8NkjHWFB0MbOXqmNvzd4oaNYJn-Hl1A8b2CC0VxeFsK8UiFfhatluUJWS_FkRwV2u2Gad95-4n1R3287H7EyNIthu_Q7Qr84jRS3h9UCQrF-7C_jtH7SelW4rVVHnDTNXAl2sJOEAxe0IJMb7x8rMhM32CkK-IRenBQ1Gc6fKVRXdOmGLpxz7l5nYAgnrAuvbRAHSGZWCGTy2BHB7x2ocQYXMJXrxPynlU7Zg5NM7YMXRBAJBu43CAUUq1uUI3i8PujpnBD05V6TXkd0E54neg-XM9NpvHF6a0V-rWaXBkomEM9OI&cid=CAASEuRo70R-sSpPOeZl0PfkRZi0SQ&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11825
x-xss-protection
0
server
cafe
etag
9647346768486398696
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:25:26 GMT
container.html
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3B04 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Thu, 10 Aug 2023 06:28:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		834 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.51&b=1&r=farfeshplus.online_728x90_sticky_display_bottom_new-sticky-right&sy=74a526a9-a05c-4046-9127-e941198f809b&ts=90&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.farfeshplus.online&mlre=undefined&mlin=0&mlsi=160x600&mlbw=4g&mlcs=NaN&mltp=a683aaf6-8d0e-4279-b003-98d6543a4e4e&e=lm&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G7ZPWH81GAPF7W0DSP0JFQJ5
date
Wed, 10 Aug 2022 06:28:43 GMT
cf-cache-status
HIT
age
2263043
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7386ac4de986bb8f-FRA
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012207221643000/ Frame D25A 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61462
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"006401e583f0e23c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame D25A 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5196
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc8caad49b08d8fb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame D25A 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28864
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14e9be8f3cf5efda"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame D25A 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
924aace23e54fcf154a07509debd7336088b7546df4f6566062f477b6ed500a4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16646
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"662bf586d06a4736"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame D25A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fcd376918b45715d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame D25A 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12959
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fd6c62727a90c1dd"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D25A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 14:47:43 GMT
x-content-type-options
nosniff
server
cafe
age
56460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
9421415325968714010
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Wed, 10 Aug 2022 14:47:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D25A 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:34:18 GMT
x-content-type-options
nosniff
server
cafe
age
46465
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 10 Aug 2022 17:34:18 GMT
l
www.google.com/ads/measurement/ Frame D25A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRvDPsAWM8KJJ2mi8vLGyzsW5WiGBzhXevf42too3OEO5j6YH103771W4AQwZD2yn5r1bS3BGn0J_bcIoBMlMsfZSeKQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame D25A 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CbHERG1DzYt6CGJD8ywW126Iom9SYx2uq2f2G2Q_lj_zCAxABIK2JgyZglfKfgrAHoAHpxaqdAsgBCakCIHEcUaoksT6oAwHIAwiqBOYBT9B97ucgMfnEffOq1v_uSlfRvssuNRpLdaLG-1s8npCbhB-H7JWfw81Vn0gLhfb2PHRwQGC65tf2ntqHas_QiuzBhPcG_928sZ7Z-6TCjwt6BbdSjPzYzpV6yURYGEqUjEQHxslQQw1dnr61qsWTK9NOsjIZdmZ99zZQ9GJSBQeV_7hhdUe85IPRMCKNVUlfZpsavLK0lavsqo2mjXltKGqHHUJBPuyblQ0d3GupNo_Vg8WCHvaRvzoposUXBVpmRgdoXMRtrw-q2uYfra4Au87-rFiioZsCghzfzcjGbiXe9r7XRLnABKbKyN2aA5IFBAgEGAGSBQQIBRgEoAYugAf_udXiAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFEJ7VpAzSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02MjY2MzEzMTkwMDg3MTczGAA&sigh=wiqOW5QL9zo&uach_m=[UACH]&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame 496C 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l6n8de4y&c=4850074243342&slotId=2425037121671&qqid=CJm20cjSu_kCFZaodwod-LkC_A&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 496C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C5txYG1DzYtm8EZbR3gP484rgD6Kgy7BqnoDkne0PltHIz-ABEAEglZvKIWCVqpSCoAfIAQWoAwHIA5sEqgSLAk_QLNR_bpZcOnK7qKzOg807ZjxJwoOTxzFCRpdGaHrH2qisWO22-BrxunQI8gdO4cpcAN31Rq8q-bWw7eCTnJ736Qlrf_myNBgaYapaaLwPrI8wmkJ0Z1j0DZmdXZkSkhEgZdLyiYeFKRmvYsjkZJyFnXHzrQVRf8-_0Do37KKLv-IhCaTCWaAu2A364j5WxIea6lyOV6Rd1mygOqg5hFJFdefSezDGxejPi5SLL1DH2SnK8uZZVmnGdVJ6HC1TfUDYOniDw87nPr-mLQxrxuXWEWgPCgCCJf27sBi19DMXsuHHUV1nCQXsXoYFNoLLk4T9OrpZtSb5CTssoccHVqMNHzuGose3cspJHsAE9fLqif8D4AQDkAYBoAZ5gAf_k7XhAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTYyMDA3MDk5MDA1NzI4MIAKA8gLAeALAYAMAbATjrmrD9ATANgTCogUBdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1660112923864&ai=C5txYG1DzYtm8EZbR3gP484rgD6Kgy7BqnoDkne0PltHIz-ABEAEglZvKIWCVqpSCoAfIAQWoAwHIA5sEqgSLAk_QLNR_bpZcOnK7qKzOg807ZjxJwoOTxzFCRpdGaHrH2qisWO22-BrxunQI8gdO4cpcAN31Rq8q-bWw7eCTnJ736Qlrf_myNBgaYapaaLwPrI8wmkJ0Z1j0DZmdXZkSkhEgZdLyiYeFKRmvYsjkZJyFnXHzrQVRf8-_0Do37KKLv-IhCaTCWaAu2A364j5WxIea6lyOV6Rd1mygOqg5hFJFdefSezDGxejPi5SLL1DH2SnK8uZZVmnGdVJ6HC1TfUDYOniDw87nPr-mLQxrxuXWEWgPCgCCJf27sBi19DMXsuHHUV1nCQXsXoYFNoLLk4T9OrpZtSb5CTssoccHVqMNHzuGose3cspJHsAE9fLqif8D4AQDkAYBoAZ5gAf_k7XhAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNTYyMDA3MDk5MDA1NzI4MIAKA8gLAeALAYAMAbATjrmrD9ATANgTCogUBdgUAdAVAfgWAYAXAQ
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 496C 		22 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C1lnBWaS9u5SA_4GwsV_aWu734VWb3hYTrbddMSv_5df--ArJmikYZhvXeu_WhmDrvjXkcqZAzISCJ6cOLNAXZOhq5AA&cry=1&dbm_d=AKAmf-AtR_4rgCbhORgVMOq4nWJ9IE-vHw5gM_R7c4Nph5MnBd4bTxfAUKZWvme3iDPx7Ucbyv6f7AXLRTZSK3xlMkzeM03cTU4MhSUJEfaAgmFqXfjAcawRxM9rzHDlufIyCfw2Ph1oPXismvEJzTeAU6FnGAQ1uAdI6lwQB6X_8Z8ADg3Qp8XbyL56ldzsUaVEXAD8jtVDMv1lATz7fGFgIy_ebd5zr6n9B97dGNJR3Y1qbLm5dSIBUMiNZCrChAYDPevvVroibBpCKUZoxMXNrv_ScAjRkGSnNCaT2Fv7Q8cQHT79vFPTGalNqsTWc4KeOCbnnS5mImVBTNw16NCuIMEpWUxnFtBYcPY8FjW0QCwMtWLaFSHj5Gmr7Pqcb9pIxaeqqDTcsYzxDb-pTBLqOfMR-zZvAr9CzOAbzRUOcBSCDmWTHKSy3yD9KDl7SStvh9FP4d4CkdCznGDPYuoA5b5wV6Mwr4dkhDhiNF8LNhKLStCmblPdvsfwQIXyyLaH_vxj1JAMK8pz0HN5djVcNZz20WpAl0HJe8UDxIT4c02K4p7LRm5cQ2gXSY82klWA5rkeylvv1lDO6UP-zWDW9ZqjNoX-FdAAtgGNm7-YDklH3akxgfaudnTc18vAMvFE4kunHWBybxozLprk9CtswJ70OAPD8LKt8MJd7abEFePq6oX-xfQ9BaUNiOSUH6Na4_7SRrg4Bs1QKGfSJFIlCdvs_E31lYjkWimTVxz0xIpJrdDD_iQukxdaBZpumGHWyassmTJhvaSCTPmtFNnyYNJtuiJ6ekJtjTxkL00WALf-hvsnUv9Kzspd-33p-UWaigbHX-i0S8J73qXIjkef4_vsfLp1OipjQ0yiEmdAIp-Ysn0R2iSf9Mns0EwZ2SZr9DqwtiGA9A_H2KEK4NcNKyMuWcj2QeaTnveLxU1wWPyFrA8L9_kxGoJqDVBIXh3iWVrAVHl1Pra8bxvlaY91uMxElK7oDC6uR8caAddf5acEkIUf6mRYq-WmKE8wkcdNBzCKodkWgaYvbFQZ0Lyo7qKrRKB-cfqWft_PmqYSuWugbYb3U7ABMZK9vd3IxPNB1bFh3Cj-eh3XQcJHN8TrcN_hBd59Vg6oHZLJ2CepjactylVL0XHC-piGqZ22jSOnDaMizbiwQopJbH3N5cokGboijNIDbqzjzhK_ChGccweDq8cP8QSHjbzhnqHwCMcD7bTwvtSJU2vV1Oo8Um09Q0zFYLGFwh3KxGVyrn7aAbqcj4XYcdAkeSaf2w86iq-98_vTGj50F-OozS2jBjeARzhEMXNuEEzB2VkvRB2osRmCWaqISJvBS2SRL08NRwGehh4cUmEmDFp-NSuS6MzqozJkIZ2z-0oKVkGrJIZUpYggodfHZVxlTi5oX1W-Ii6qSDjptiO_EN5kWUyPBI7bghdz7pduZuI-MgxXKOIhueWmG0_JnjwvaWZOLiOHiuDO50sfqCxx4jt0mRiXo-yqz0KqfidzDoNdSQhS-LTvwNCsvRzMKOjYtx09fHnrW88ocil5pwpdMuK73BXjIe40aP8ah86-TtMZ4kGU7r44VGCUA94lh6cR_ABFajFRA28zp8zIkFkCnL1aUc2SnJl3tIhLXBE5b8cEWd_15Darn8EoXpUgnviIz-0wbvAQbtS41lHl4McMD7Xvoyyw1yvoGgajsfvVsEzWP0tcwB3lCiTTO80x3sIBJjb3OdYdCOFlkUwPAKjQC-7zZjA5pI_4Q3I8oauhs71eFEEF8izx0hT7gEBVzMHyhB6pLeuGAMXl6lbaPoyCGYxo-ccq-mBUOshhKdu0f6iNxVqjXk3UtMSUEIFkrgQiU4zfbo19eTYl_XCI9fsDMauLGXK9iMRdOw3jbUk9Tetn1TkQolfyiw-Olm-PS51YTevUYSLGuEuEFlurL3RXzf7RoTuGPV8tpv9Af_w9i9JKh1BOQFzjC4HCAkCXGemIv25bP5K7CmtQOJ9SLI4BKNLZ_P-6uywEKFRDezv_uTJQXR-P4TZ0qvG9R99aNrUdSsoUgcspmma_SG3vG_jbgl1-boZG-thTk4MWY8tblK33Ld9LuwXndMmr1AvzA9mgb99UqkV55dUZV0nTe5hbjDiQA6HUFuSnZikveCyH-VYaDtZaMqYS3RybgMBmJKM8kkoSRrUm1x2gnax-y1Z6utmzCMtEQJtDHxybMAHk2YKQSG1T-Lyhqoi9fRVqGuwkTgJ3pyfowL9RFU_zUo0I6QRJoKVsApHrNr2iBsKhxGTkkUL54PZr88wLKz9jQu0lV5VNvtK0lH-mw8qFXk60ISjbuN9EsPnCIItUGNFnbtTZmhYVep9Nr5kzrurl33phnncsWLPESzX1h_7Q-b-shEpEjNQWevy8tVs4OzYjTwoJol496kHWvcLHFEsPUZYAlwQDKDNC7WflEY0k8mOr21V1BtzrU9olwHKHT622qN9_1IrEH75XSHWCMs8V1JwGMBr2Utu_junaYPW2E9CRHSMucKJytQGAxAPg-Mu1kJ_PglDMXXKUtlPlRSUwkP-mun76Db9NN0H2kojle-NIMsWVYlYTg4a6eXEhR2NB0lHT3NjXOLVbg1VwpeWSm6G0yHs6znQHpj1H736uGh39vZnD0VsOfWbJK7gURPhlCRmWjbLC71EnClC3HviBZfpkdKV7DNSgVNbSiolJKQreLsIIEBKJYP8fOOEsJfXAbT9U_-eKRnm9IBaKM0bSlQt21aUQtaSvvvZMVXF6pn1gkiT6MnSt8Sq_vXgbjXmOuY-OIbO0z9FORJY_iBQ25ccGluiA37xu1tbx5_wVGfCvHxQNY68P4TapJ6-3mtiEF44KWxsfTOsGb9lG4_OJpdiSTqIi2yxUs47YyFUfqBV6hiQqNOFuCiRU-F5WOxqPRt9rJBXQzbAqPNwHQAnNcbLHdxxRmBPEJ7TRhVsQjTobTYHkewIneUo-FhxkOQROpG1WzON2F_701R1QZ6mUE1RCEL3QD0tf9NazMJ-Gsmdum6Lrx8a7P-_VILWn5xGFl-tuQJeG9JwW39d6-wKBF4ciR8zn6ZOx9J-d9cbiF2xyllohshzEekWI88K5pyRprrmp1ktp6FrbfGbI85X9R2kAfQwatR-OlH_b_X3U7cZHBvey590_echtPlicRaWMpwJdda1xKItaxDb1Z0Ot5oQ1UyIbs9TSlrmqkU8C6_d8x-Z-NEMNTi6Z0MST8uX32_xBB8g1kR-ryIi_Ii_gg2RVUlbFcIXIZfFSwJ9gDcbQCoqZirhzv9qW4I9zAvPILzWVrmjolBvRFuorbRHaBFreB7i7X58nXbuKAuZnPaF_iuHLh6kFzF_QOyfYKf7S_pSSfQlMfu3YZKFdEdLt5I8&cid=CAQSLQCsnQUxe-AYKm4-riq1Bg5OT_Kw4TnEc8_4w6vla7V8FEjcUSC2dZ21VM97xA&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f155.1e100.net
Software
cafe /
Resource Hash
dba0ac0f28c8a92196e7bbdf099903b5f2931247773245a737ebc0f96978de76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14908
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame A240 		71 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21c1baedf6650bb34b81dec56e17793342bb2d2b3ff229f5c771105a51090536
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
154241
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18059
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 11:38:02 GMT
expires
Tue, 08 Aug 2023 11:38:02 GMT
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame A0FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CoU3qG1DzYsOCFZe2YdWZuNALm9SYx2vS3v2G2Q_lj_zCAxABIOy_kBFglfKfgrAHoAHpxaqdAsgBCakCIHEcUaoksT6oAwHIA0iqBOwBT9DswRtq4kttAJeGG8YVzbEKfqEZ49s0eu7fDHgGKxpvOTilPDyX6sWpKEtM3aSlna-G9WuWSVgLBGgLWwU7fIDaREB05Vf0jH5neTDMqRzpT5ohRtPsmojaa6g_KWNp2tfn1UbjQwewuDpCxdH0SPwDfVfD1CuzXdH9dUR2LLpoXVS0zQi6Cf4ay5TykMCLYlBlQJ2U50oGG6f5qkcbFfPLUqYVboPlK2um9_k0DMgOQY0B71eGZrttrAlFsvw3PTOH68f3-kZHrVTkG8hveq1ryiQX_u7-qb45jw25EGYYQfWPqpkT5zjxYvvABKbKyN2aA5IFBAgEGAGSBQQIBRgEoAYugAf_udXiAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFEL3kgQXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMjMxNjYxNjMzNDQwOTgwGAA&sigh=YBnPZCz9Et4&uach_m=[UACH]&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame A0FD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:36:34 GMT
truncated
/ Frame D25A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35c18d5d5696e34578123860c826b723ab1848a0b7f68e7c39f68205ce5d9687

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
img.jpg
tpc.googlesyndication.com/sadbundle/4021141043651788466/ Frame D25A 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4021141043651788466/img.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
785625865a3ef35af76cba3f15ef1895925cff6e282d9aec1f20d8482efe30fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:41:32 GMT
x-content-type-options
nosniff
age
154031
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54245
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:16:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:41:32 GMT
cta.svg
tpc.googlesyndication.com/sadbundle/4021141043651788466/ Frame D25A 		2 KB
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4021141043651788466/cta.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23dc04ce283fb7ab656d112b55f2d8d9d3f37eb8698e1defefc95c4ece328dd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 12:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
842
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:16:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 12:24:16 GMT
Headline.svg
tpc.googlesyndication.com/sadbundle/4021141043651788466/ Frame D25A 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4021141043651788466/Headline.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d55a3b8b5069b05e8fc4cf48a7e8ad1c40ba9d11626dc32b0451d6ea0b09d850
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 12:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4380
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:16:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 12:24:16 GMT
Txt.svg
tpc.googlesyndication.com/sadbundle/4021141043651788466/ Frame D25A 		28 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4021141043651788466/Txt.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4232d7975ca4fc1e6188befb8d99540d345e4b1dce5eb4b418bf4e49d4ceb65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 12:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9050
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:16:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 12:24:16 GMT
logo.svg
tpc.googlesyndication.com/sadbundle/4021141043651788466/ Frame D25A 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4021141043651788466/logo.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6b69ba0757b1def6071366796fc763cc84df9c7c3f0a862f2fca906792c54b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 12:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1510
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:16:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 12:24:16 GMT
ES52.svg
tpc.googlesyndication.com/sadbundle/4021141043651788466/ Frame D25A 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4021141043651788466/ES52.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=1297813666&pi=t.ma~as.2097210043&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923349&bpp=1&bdt=1012&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4043&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=40&uci=a!14&btvi=2&fsb=1&xpc=JXW3qJF5H0&p=https%3A//www.farfeshplus.online&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ca1dc49d5322b47dc3f27b0013377031a7e39c52cc23c05edea489b39e4588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 12:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151467
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4007
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:16:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 12:24:16 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012207221643000/ Frame C600 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61462
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"006401e583f0e23c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame C600 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5196
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc8caad49b08d8fb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame C600 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28864
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14e9be8f3cf5efda"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame C600 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
924aace23e54fcf154a07509debd7336088b7546df4f6566062f477b6ed500a4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16646
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"662bf586d06a4736"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame C600 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fcd376918b45715d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame C600 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12959
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fd6c62727a90c1dd"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
css
fonts.googleapis.com/ Frame C600 		2 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42fc207ebec992c03f7e8b3bf2f56ed07d798add6da0d4e91777eef7c9262875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 04:31:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 06:28:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 06:28:43 GMT
css
fonts.googleapis.com/ Frame C600 		3 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700,400
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 05:40:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 06:28:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 06:28:43 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C600 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 14:47:43 GMT
x-content-type-options
nosniff
server
cafe
age
56460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
9421415325968714010
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Wed, 10 Aug 2022 14:47:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C600 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:34:18 GMT
x-content-type-options
nosniff
server
cafe
age
46465
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 10 Aug 2022 17:34:18 GMT
l
www.google.com/ads/measurement/ Frame C600 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTs9ewefRpA7fIUsRoRTUdc0IiAgNqC7wliJBZkY06eHyKUf-wt1Cl-2SAnD9l8q6sMCzBHPQ88lAI5umFLdRD0pfCisA
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C600 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuUnnG1DzYtejG4Lv3gPPioyACcWUhd9prs7Nv_YPid6Po4wZEAEglZvKIWCVqpSCoAegAe-89NIDyAEJqQKZVRKFdUGCPuACAKgDAcgDCKoEhQJP0CelY1L1by676qdo8l9CipHMBvQYCmrUdOhLoJVNHeuZSj1BgkYxwdxFu6hdXIY9IhCZW3DGcCfrqn-uE3fse0P0gcQq3-BHpGYfw0DjXDDNPwkGDf7ZcjdULQe4dCG4yMWW1UNIS5tF512DAeniqs2QYMFyHBpUErLiPjuPSp_hOrcm-_m26k_sCiNIiRs8HjMj9sup-53f92ZkYIJzGogXsPyhw7wADSD_ifVIExQ2HZQunZihrOH-qq9Likwkzkka9QA5ivy2hHj-IxwjP3wifId83Pdyao3yoVX1o6Qt3zWkyftGjRgIS5ywFksVabZrV_45UY_cNaBnwEjUUICo1yjABLrj4r7cAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf5wostqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQt6M00ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTU2MjAwNzA5OTAwNTcyODCACgPICwHYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=X_0NuLbaHgY&uach_m=[UACH]&template_id=419
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
0f768be229cdfa7a4e4f02ce96f827b7.jpg
tpc.googlesyndication.com/sadbundle/9433345710208576427/media/ Frame C600 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9433345710208576427/media/0f768be229cdfa7a4e4f02ce96f827b7.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
970eca5b2ecb52161d13600cfb3279ebac95e3c20f5331cd98b1e58fd77d8f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:47:23 GMT
x-content-type-options
nosniff
age
142880
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22808
x-xss-protection
0
last-modified
Sat, 19 Jun 2021 07:58:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 14:47:23 GMT
6bc6208b326de26fe35aabfb2d3912b1.png
tpc.googlesyndication.com/sadbundle/9433345710208576427/media/ Frame C600 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9433345710208576427/media/6bc6208b326de26fe35aabfb2d3912b1.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1690f7baeec0cb5bd6635dc5c1ede1b1894c3f03c37ba0a1b4bff555d761ce8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:47:23 GMT
x-content-type-options
nosniff
age
142880
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2749
x-xss-protection
0
last-modified
Sat, 19 Jun 2021 07:58:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 14:47:23 GMT
98daca3b16f96eeac4bcca0dd5ab3cd4.png
tpc.googlesyndication.com/sadbundle/9433345710208576427/media/ Frame C600 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9433345710208576427/media/98daca3b16f96eeac4bcca0dd5ab3cd4.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21068b36778a59c50ec3b410358d6a264a3629514ff3285fcef4c85b3438c645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:47:23 GMT
x-content-type-options
nosniff
age
142880
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1948
x-xss-protection
0
last-modified
Sat, 19 Jun 2021 07:58:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 14:47:23 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.13&b=1&r=farfeshplus.online_728x90_sticky_display_bottom_stiky-bottom&sy=74a526a9-a05c-4046-9127-e941198f809b&ts=90&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.farfeshplus.online&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=a683aaf6-8d0e-4279-b003-98d6543a4e4e&e=lm&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G7ZPWH81GAPF7W0DSP0JFQJ5
date
Wed, 10 Aug 2022 06:28:43 GMT
cf-cache-status
HIT
age
2263043
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7386ac4e9a37bb8f-FRA
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		350 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84a8ae2716c5ded3c8e7156842e9a539a0ba355d38154a74675041d65da61aff
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=0
content-encoding
gzip
content-length
63269
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 05:56:52 GMT
expires
Wed, 10 Aug 2022 05:56:52 GMT
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 83BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQHc_G1DzYtXME4uS3wO67qfgDKPtpYRr0s_-36QQ-cj93wUQASCtiYMmYJWqlIKgB6ABr4SDzgPIAQmpAhun-3ovILE-4AIAqAMByANIqgSZAk_QFgJz-qVIce4i_DVMRmgtHKDkbPQG8ji3xhUh6JFwn6IN1Pe205imciaOMpAJoq5NJNSLK2t7zvb7T6wg5KeuOul_BGxcDSxYpR4SZtltKpj6VkAhrzQtHxW6_2pG7dCDSRhNIysDc0TrqTCm8qkMitk-FmqknkjdxW9t8YruZOu7A-GiocqXSPlr5h9T9MU4N6RpAEp3Ys456STCxiiUoWgIWEAgtce1sKpjlPprXQDOP9imj4Ruv-VL-Z7fAae0pHkrVlKv144Q7DA7gGJoOpwA8E6OtkTKZYc8fbiQfUTCKLYq6lcHyDVIwsSDWkCZeEsl2LxEBwNbZrluYFsD5uUTMgjVAfFWp1drCC_egap4bG7rVLoTwASKj4aIigTgBAGSBQQIBBgBkgUECAUYBKAGLoAHufv8MagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMWgA9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi02MjY2MzEzMTkwMDg3MTczGLXyFA&sigh=hSWpy8o_-f8&uach_m=[UACH]&template_id=419
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 83BB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:36:34 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B8B1 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNWI5IDkLHloyMINOUrYCuaYVOBXXWj4JdoUVDTDP61bqlATf82Tpk57BaAwkMYraE0lxW4n6POeqWU2Ev5sdyY_iTcbR5CKULRIIK9rYpIJVHxURmt_X9utnCi-IKb_f762_Drhy-Ec0GfADsYh5zZN2DnskpbjAg-Kkr6FsOvV1eD9vcs
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D33E 		83 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNmQwGR2-JpsM2tiQAv31_kixetxy10nCE1d5_88_R5DCk8gY5IBW9JHHUagJ-aAmPASB58YsFlaESeZ_nVC_EArgDcQCnI0mCgId5l2ZAHA1vQcFn8X0rbfUoqznsoIfWEq6M0x2iKQfc-CV76EakH7gG8w&dbm_d=AKAmf-D7WIz9bSOS0bei21bfZT02x8qiylcASUWM_5XPpjxlEC6sMFfZJw5M_GPdMafIm4Dggp5Pf07yOXFe2ksOMlXklQSXpfZIZFgNiAg0N4imSeO-lyIMMtwnQkqEEygoI0fv5CvQ5Mjg9CdoADPesJlXp2pyBSKp9wjbEp6WaILKH7u-z5-2ngg_P8Enaj9ODLT3fnafP9l6ZZYL0dVtQu_ufb9H1bZ_qXfVnCky9PQcaeDorIdqSvh9VdLgXm6YDBV6KsBnmOc9rbLw0c3QyCbJB6RrW2eK8taGlTaHkwlo2cyvyfrSMCiubnFCfZoNsVjHbyJwgyAGl5RDugN-6AeG0NinwZJaqcFW370fgHAvP5pNHxIDOr0ultyFnJ3PMPPafIVdXuvJHljJkvKBYHEg9HPbV_B_0cez2XF6AtttTglEq0nLDG-2F9WBe9pl58plS_6jeghvnsWjaqYVR6IRD_1RASzGdDg5Rm6u-P29v-hD3LRRa3G3M9XBg15yjUPdUYXePBXfQCxBOQRnSP3qAtDiTiaxlcnHVMTrqkxC4qTOWQAAMAy_fk4MQyIRnMdF5twrTQXcMzpa9E8dUyaK9heRC-AyhARNzmjlxMh3N2224N6XMjja3FYbSZwYyhXE38nGAvxD1PMG4OZCbN0rAHM4BU9ignXYWpUMYqvidCA-sIsY_CumClB_sz4wnX_6PoJMPrnpdyM9zQU2pwcqJ4FfGo-iPAw96flrdSqUConyppYKu-6PcXweJrp7CprwO5NPZ1rEjmfN-a9RMSzzBelaW93466q04QSbfRNkEEDMqIuro89R10zbkIlh6XlZr8RXJNn0a4H5yt_nKnTnJPFBC1Mv32aP28qfU1WpvjIL-PB74z5Bi-6c3FoFD65p4oEkJufzC6E4-0WGlJT4mRfzRYIAkANJMefEoOfLuK4q2eBQ7nBtttXzxMoZlj0D3i1Hc9JlR8H2rX25t-4OI4_5QnHwrF9LAzLP9WrZjDS73stjXJlQ0tXptrzu2v5FktKNwXUjNYhV7DAddNu0S_lQZnCnAd9K974UkbUzw5Ci3wqml-fT5NAuGbfRZdEsj6Fd_8O-iZNsIaMUqUyc3Rjj3-7G67Pmi-QlisyfDvp0aU0q9bQxM_xBVnzY4Sa2oGAIwrWbx0GXJ13JG3jhBAcEN-fr7W5M6KRxSw0aoWmzfA7EKfSt9CnMgCgeRKaj_QN3TWaA2ifqeJkFfXnqrlusWx_R8a3AjX7viPOC9TW0FkWGsYUHZpURcZpGWfiq7W69PTRSB70_ctwepnLS3z5Ket5aGiuuNwxh4eCIVZFDU2pIXGuclRO-Fk7oyMxtWkvGhk8tSPVCUxNKTg369bsXdDlk3MGJd92HNOroyGVCs6HsD5DqvdHhTT3GlTc1GMIRczODJPcnGhQ7EDvXJ7QpFkSCdYAQBQhcL2ullHFOUyOVVz0Hee5rDJGHW8Nfi1KyAlOyxM38GzPE9LZ1zB81088wKW67S5D8TTvI1Jfml0hNLxc-X9lvLuK4jdjObrWYDt03RWFkICwlGVn6WXr5JcjMp8YL2aLIpkENM5Q9Z5srwTv9E21C3hnYU43i6Cc2DTlb1CLNToliW001IUcOWwAZq21lemscapMix5_Yf3qEv9TGYCQ41HIa6PHmNxBTPHO-6zOAxSDzkopRTI66j0MvpLOrDjpRS0jMjarM0QwczsQczUv3LIqPuABb5gkoq0uKGsNYMKfbw6RwY2WCalAgjrgwvizGcxrrl0XSQ87A298mMQ3n7hCjADatN1ewTTN-m7AWqS-B7ObBKrMB5DxwBFnpJ3vC-Awhy9TkHAfsJj_5Ug8IJvQXjBfMiNls40Xr7jdiI5520mMdbWFoXHAMbkp9EoOnd1-CBfoNf-UPXxw2G5tp-b9QI_ost3YFiaF3PpWLCZjYRPQPz9Vu6Oi_NLQpwTj-X9tdElLlmPdP_C1lpYILVhlaW2ELok3WraRBsy83QMaRYlCEUozFMCfjpT2ALZbIL3jKDY8mb6xi4NBBGIY40pI5uyUw4mDIRZz3KJMdgfhJNyilTdp1RbmrrOs_0ZUiQn8JQga4t93T2na235F0BmEaels12LJeQe4OVDZ7aZj7ppsEDggSZ0jwwxsVoXUY7No9Rt4BlxYSWss6xeIECqPzDFT1xyDnsBdaugrBF8nbscQhPqJALI5FjmtAvgFN5vqTKtlvx10Dt_HBRFjqupydJThw9DgXPG_3O0x7m8F3aQltWNwVswwEPa4IxdT9dFy2vF8NfIMhOMlitwRHZvMIx0FQuEvaK_3F2nrZPldv9LppLmH9WBQI0JKojAHMgHhCCXweLdAFhwRhJ7yPXTCQV0MSde6LfCse_xIAiOBs5mT69DmeEZUspnkNOIxO7m7Eqzut-mC_P1GoOAyHMr9L7oR2sOu4BboLTpwu14lGa2JRtyexAOPXlO7bKHFE52PuNN6itP8E_rrkUcvkcLa0wbudAR3W4qdQ6cnh9xdX_2UVO2lMQFHBC4wRDCswbnTBIPE5aMoUsm0kVvSp-TzzXj5TDcG7lUSYV1i-w9TkOebMu-b0xgJq5dwktmzY91UiwXJmz5a4giKnQElFPRJKCWTUw2SL9XxT7ruYQ4fp2KFQGYaLXPwaxWrl2W3vrayosxxfRbRWZqe8YSLpUsMJShcSUed0Z4gceKuHraMDfwsNhgI26hWOqfQAMU-dzzdxMyEs2QOI31AhK6aJZMiIqsl-z7J6wUvnFPPVCUbA6Z-0zxykWqzfkDgaA88zI7m4zX6D_radi1_l3IEr28kW-Rg3qh-TDPVLWNdgCiBoX9H6dC0Kggcb00o7-2G3HMCORv_FWwolYljudffWjHOyesgi2vqf-4l2P5v_hRbC8Du4nf056AeRl-74mZpdglSRdyZSOt-I5st54Yh56jRpoxLXcOsNkQxHxzYEDKJ2OT2a_hBV6HSVvcMV6dF5lZ4oDUQjzfgJclYG3RkObhrxA47rGN4sZLDaZHPSrYBn3THqagHOOa4pQTBzGAScToi4fQgz_6wgvEFEAZ7iW5QkhnBEi0IIOE0I0wogIHATtkDlFZArD_aCi2_-oOKV4ClaNRGbtNAz9DFPnEdYvMqqUclUpyyKRWYLuswyQQ3LP68Qr5fiNg_n9QTPr42ZOyUCn9X7iADgdW5_ZG1kbuv8Ecvy1BLKgnH0N-edVPr9-mSjlcpOJBRA9WHhNmmDJMavnfPeY5QCCPpywfNF6Aet2KlixW_7oWghiwh4FDgSeB_T54CrBRapL6U1GcV1sghXF09H3qHAZSBlrczosjuY31C_3wX9nP8rx5XmWRLW50VR-HJlLtguQcPabCOZ3OWfB72AEdIjQGOzwpPi2d2gTt9wPZmeMqgej6ZBuTFToncPsUprwq2iRhcBZL59uT60FP-sZOzqkhmJq3LCwVdWqgK1lzhpc8YuH-W9sYrGmNEvj25Z1OwMleOFaB2mnoaPD15HulKSKzHAXHUGGoOaC00XtBpl&cid=CAASJ-Ro61A8Aq-2obQ-Y50Y1bCwLBdmJU8jpoCxaoOf5UVTFRYv2EjtGQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50d76cd9ab4e560cf92c5e1389e577042fef840f21f4464fa919785bdd2906da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34785
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame D33E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D33E 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame D33E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:59:14 GMT
l
www.google.com/ads/measurement/ Frame D33E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5qH3NhFU0-3qKpUSnMIy2DHv3svAntcMWTf-VafrMRUzC7b5H_rgWSSqiWg2sD_AbKd6g-NQwWQkO1aRxCyTjluOIQA
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame D33E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkUZAc6JrPmQ_DGynyWoRwe1p9pfkbzuAqfpmpWRNYLqoPSNZ10W1coE8pak0CBoSyy6Zt_1aTv55GQdrpFOxA401aKhhlAihRWHya8oYD8trtCdw
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame C600 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e22d0b219a8a6028584d46514b27734130c088950c06cd075bb6f75f1209329e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		116 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/index.html
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
392b17e3300df229a2cf6beeeb31dee8bca37b458d08d6a1cd6fbf824933c1db
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
28820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21790
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 22:28:24 GMT
expires
Wed, 09 Aug 2023 22:28:24 GMT
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 3B04 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzYNSG1DzYoW1G5bP3gOirYmAB_Wn471rlc2elqMQ85mBvpAOEAEglZvKIWCVqpSCoAegAa-Eg84DyAEJqQKW5EDEaCCxPuACAKgDAcgDSKoEjQJP0ITatw4slQNR8N9_t8Wp7FfD84P8pTjQWK1n-ulh-BANNOHIrEjglH8b6NMAkfVMDopqUEv3H6tiLECmd1t9Txn3qARL0yWPQZ6rlfRioxasEQoagvDqHyDoWOT_iDla9S-9J7J3AtU4hKmw1WEFoFNwapft75LvnsbxN8yhxKZTKxfHSTYhEGXBYfqLLJo-hdrdKo0BC81fbo-gdnExigDP_fN1Lyqy1rKgXNAXv2Age16cBfGvf61cHr7EK5cH3Q6WQty8eVeXXijFFMT5K2XUcfVEb_NTArhbD0lYHeFsnWZCTDUcQE2i25W8iilFMgejSkX3AcQ3TkC_588UG3feqW9qucdvrk23psAE3a_EsvkD4AQBkgUECAQYAZIFBAgFGASgBi6AB7n7_DGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRCHm8EB0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTU2MjAwNzA5OTAwNTcyODCACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=PkyuQ63tn8E&uach_m=[UACH]&template_id=419
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 3B04 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:36:34 GMT
index.html
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame 6EB1 		21 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1c179a35bbd5bd7f163ee50d2bd50ef441e5a5d321bff57ab78989540bdb068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:44 GMT
expires
Thu, 10 Aug 2023 06:28:44 GMT
last-modified
Tue, 10 May 2022 13:01:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2503 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu36kavZsITuuSa1w6pzhch6p7bDZg2e5pVkG_zp0bRlMZrQj003LTr7LJPND19fp45zWR7HlHCfFNayzX6mcF2mQQNeprB9BeR5uvp1vM7EG_HqdP9MT-_5PLgULnxVcWLVJbb2DnEnArlJ93FEvhA1NP-MBoAoXN07ObzmVZGwuJZdjvBETGhcTxTMbyeaJsLr_LcC7fFjJ9XEAPjnrMEdcrSQa1_i_e254C01BQPel3AoEtXpJH17T0fGriado-pwl00gtJ0EuFp_FX1cstaTlIzSIhfwrdgwys6RYGgvBP68zqH4UK7Fmd3NXSYyKgC4DrPp46PuQXhRUMkRcorARvOSklsVntQghjwcCbt-XFHtNMg5M1ZOv4AbiZd_gAZ-_8O9rIirwuEc3pA32Vi2-PYpW94fV5qzni0tg27jGzzQKA2-7NbsxVgVFz0HLY52JPypd-Adp7Ancl3p2ARGtjt40AzxZJ9TQw9rZKIQzIvCCP6EiQpc1Krlflbi5m-fzIZXjd5brQRqpW-eUvOukY1L5UZQkzGJN1ELiOdP2auZKuX9BRw4TFfuXzidcC_ZaM5Gr5XBAWSbrVyuz3fYRytt5RuOaEfSYAq9XKHJuBk5ocp1UTCa1hYx40PcDwITAOjScZET6Eax7HojkatwvjzSGkNtMzmcC9x4Rw_sE_bSYnxb59wHm9wECdmC9JpaKywjNHL1iqrumKOtqVekCKNyIiIIvMvvKhVJw4tYeNzwyahGApJ3CdhyUSsQMBKrTDGpGxZZBK1-orpwySrcY7vs_9L1pHy5u5NsAp6dcmoxHg3oIAZOMObQqYRzMullVWx9AAU2GrZ3Mn0jEwMbeVrchzk295f0g5LnW_uRQhAgzB-K3V9TYWs5c3KbSX_CQ2OjKj71qj2Qw-JBwsi65NXfz4o-zOZx-dwzfTzbqTXThcwhvsnU3dNn4Bc8WZbr4-WTEcgooxEt8LSqJQ-gbSN17v2vhXgl_5yS2LL7ERCRUYYmllG4x_rS6GGScXbI4SuDliPIis1cKD68a4ORAGy2ocW3bs5dNsQGFJcRCt34qnlaFp7LPAyj56X2vQsbzG0NScuMwqnr2egIfzQ6lGqvvRUz2XtQBS4XcxK7xNB2Nf1nvAaQPlY81veBBusKbG0VMGAGFfalGw_M7q7J0CtJkmYs9rnNMvsEzRxwhq0tWliGK4H7M-jDR0K0jICe-jY2NQhXakEaSHh-YtvlF0XkAxTfzQ_r3QYs-xStZGfP718-FUNtwfxrsQcYnf4nS7WSljUqdQUJvwa&sai=AMfl-YSsn1rD9ELnQ578h37VA34f-GEqnUJbkk2GLhqwXUUwkrLDI-SL5vnsA-W1RQdBHw_6T_KXD8tZlBdLfzWjtKg1GPgfNTerQhrS6DggX52GJ0Tt_dv_fYqsgW-6yA4reEfsQ0Z4YttSaDluc4o-Yg--de4yEQ&sig=Cg0ArKJSzMUsbW999DhbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=281&cbvp=1&cstd=275&cisv=r20220808.72535&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 10 Aug 2022 06:28:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A240 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 10 Aug 2022 07:40:53 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A240 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4775
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 11 Aug 2022 05:09:09 GMT
vast
vast.doubleverify.com/v3/ Frame 496C 		16 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.doubleverify.com/v3/vast?_media=3&ctx=15911784&cmp=184716&sid=18330&plc=6566075&adsrv=29&blk=1&_vast=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F1%2F184716%3B6566075%3B208%3Bxml%3BDV360%3BDemandCreationTheWorldIsYourCanvasPhotoshop2022Q3DEProgrammaticDV360GilesAndCecilieTargeted15sVideoVASTDSKAudience16x9%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%7Bs1%7D%26us_privacy%3D%7Bs2%7D%26pbMethods%3D%7Bs3%7D%7C%7Bs4%7D%7C%7Bs5%7D%26cachebuster%3D%7Bs6%7D&_s1=&_s2=${US_PRIVACY}&_s3=[PLAYBACKMETHODS]&_s4=[CONTINUOUSPLAY]&_s5=[TIMESINCEINTERACTION]&_s6=[CACHEBUSTER]&_api=[APIFRAMEWORKS]&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
165.227.238.198 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
83bbed9fabf29afd818f2dc6832dc08216f3d56badd9b69df5cd34c487c30f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:42 GMT
content-encoding
br
vary
origin, accept-encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
none
timing-allow-origin
https://vpaid.doubleverify.com
link
<//cdn.doubleverify.com>; rel=preconnect; pr=1.0, <//rtb0.doubleverify.com>; rel=preconnect; pr=1.0, <//tps.doubleverify.com>; rel=preconnect; pr=1.0, <https://vpaid.doubleverify.com>; rel=preconnect, <https://cdn.flashtalking.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect
expires
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame C600 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.farfeshplus.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:46:43 GMT
x-content-type-options
nosniff
age
45721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 17:46:43 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C600 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.farfeshplus.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 20:10:25 GMT
x-content-type-options
nosniff
age
555499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Aug 2023 20:10:25 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2503 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482559
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Aug 2023 16:26:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EB31 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59272
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 14:00:52 GMT
etag
48472445140208031
expires
Wed, 10 Aug 2022 14:00:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/ Frame D598 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 10:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2639
x-xss-protection
0
server
cafe
etag
15893831270588722589
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 10 Aug 2022 10:06:05 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/ Frame D598 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 11:10:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69496
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 10 Aug 2022 11:10:28 GMT
bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/bg.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbabba6631d35956c6f20f923f934105428c75195fac6c9b234faa171ebc85fd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
15711
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2931
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Wed, 10 Aug 2022 02:06:53 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Aug 2023 02:06:53 GMT
artist3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/artist3.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db8bf8f0e0f2aed7fe4115072fc24c929aa16624e8c9d02982bcc78480757351
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
120892
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22820
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Mon, 08 Aug 2022 20:53:52 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 20:53:52 GMT
artist1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/artist1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82f960145fc2787df1efc837f7a5633cdf72e48d8945428d8168e3c5fc62fff7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
137799
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17544
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Mon, 08 Aug 2022 16:12:05 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 16:12:05 GMT
txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/txt1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff49f817d102f06a3c8158f49a8ca77f21550e283ef5a7bc2a4d0ee3e819546f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
110054
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2868
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Mon, 08 Aug 2022 23:54:30 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 23:54:30 GMT
txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/txt2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c0d36d715f8ce60be660844dd82445753e8c19e64be004098dc8245eae93d91
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
120
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4301
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Wed, 10 Aug 2022 06:26:44 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Aug 2023 06:26:44 GMT
txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/txt3.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb93c3dc43c05cef4ae157c5f9461412c51fc83cf6e76b562318688fe73210b1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
526100
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2171
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Thu, 04 Aug 2022 04:20:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 04:20:24 GMT
artist2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/artist2.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b30f5c02c83f2272deab11c0744fa36ccbddaf90822af303030b9c142079c975
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
506041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17690
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Thu, 04 Aug 2022 09:54:43 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 09:54:43 GMT
tracks.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/tracks.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1d9356630e581e6d5688f3d3d8e0b15b7356c69c7c7144e10bd0bdf8b01dddb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
79142
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3488
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Tue, 09 Aug 2022 08:29:42 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Aug 2023 08:29:42 GMT
kolle.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/kolle.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
310e353c7311206ed767033f2debeb8b3eab1eb892836478f3f262a9ff1b68fd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
177334
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3315
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Mon, 08 Aug 2022 05:13:10 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 05:13:10 GMT
genetikk.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/genetikk.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74bb0cbb58741defba1828807c0b29c9ca1419f72378df004cfbe208321e7113
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
198528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5347
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Sun, 07 Aug 2022 23:19:56 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Aug 2023 23:19:56 GMT
257er.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/257er.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34ab305cb15a1e818acd2df804210adb8dcb88d128527b1948590afa696965c5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
573525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6602
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Wed, 03 Aug 2022 15:09:59 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Aug 2023 15:09:59 GMT
fav.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/fav.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d989ad4ebc20d1c076c92ea738a85e166ed21a6e7ae65992d98021d60af8a35c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
526099
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1684
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Thu, 04 Aug 2022 04:20:25 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 04:20:25 GMT
andi.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/andi.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4051c01deb8fa3fa9654865ab429319bdf168230949cd62f8f68b95c784c333d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
120
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1752
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Wed, 10 Aug 2022 06:26:44 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Aug 2023 06:26:44 GMT
cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/cta.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a4b4fd65128d556698d91d15c79cab646259badc9a3a090c5337cf28628fe71
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
254519
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1999
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Sun, 07 Aug 2022 07:46:45 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Aug 2023 07:46:45 GMT
title.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/title.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7eb2510ecbcb7a3940860c6d35e54fdbce097480e5fd0e5b9facd6d2c0dd2dd2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
137800
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3512
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Mon, 08 Aug 2022 16:12:04 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 16:12:04 GMT
title2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/title2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
055419370cfcd9852b4817adda8826937155bd8c2da1e7636db63e9893dbb8e5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
564036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2657
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Wed, 03 Aug 2022 17:48:08 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Aug 2023 17:48:08 GMT
cover.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/cover.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
977fa7457d9090356470880119dee7d32a8c8a23beb9ddb4b13314ada5bcc545
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
565440
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17324
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Wed, 03 Aug 2022 17:24:44 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Aug 2023 17:24:44 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/ Frame D598 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec35d12680c196a78c441c1ecad8aaa2b3d93dd413720cfe294f938f937c75f8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
231171
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3286
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:51:32 GMT
server
sffe
date
Sun, 07 Aug 2022 14:15:53 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Aug 2023 14:15:53 GMT
rum
dsum-sec.casalemedia.com/ Frame B8B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAT102Vmx5qErHIY8USfUnk&google_cver=1
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAT102Vmx5qErHIY8USfUnk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNWI5IDkLHloyMINOUrYCuaYVOBXXWj4JdoUVDTDP61bqlATf82Tpk57BaAwkMYraE0lxW4n6POeqWU2Ev5sdyY_iTcbR5CKULRIIK9rYpIJVHxURmt_X9utnCi-IKb_f762_Drhy-Ec0GfADsYh5zZN2DnskpbjAg-Kkr6FsOvV1eD9vcs
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7386ac511e4592a8-FRA
pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTzBR%2FsHPBhCCJDnwqIy66kTAMfFVSLcNJwVjqt7V4UYd0JTC7aP2l5ITTyuP32PvZeP1zeVCpdagOjOMNPsF4DiSgRMMzbG4fQyP8YsoSLCAm43GLzVoWnIcSUXVrW8yCIapaCxyHvmTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAT102Vmx5qErHIY8USfUnk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B8B1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvNQG2SNzLmPXUfux7me6QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAMQxBjDHsCdTM3uDCBrjHQ&google_cver=1
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAMQxBjDHsCdTM3uDCBrjHQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNWI5IDkLHloyMINOUrYCuaYVOBXXWj4JdoUVDTDP61bqlATf82Tpk57BaAwkMYraE0lxW4n6POeqWU2Ev5sdyY_iTcbR5CKULRIIK9rYpIJVHxURmt_X9utnCi-IKb_f762_Drhy-Ec0GfADsYh5zZN2DnskpbjAg-Kkr6FsOvV1eD9vcs
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7386ac521f1392a8-FRA
pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NauXdqqMcO8nFBwn6TE3xgAq8ZofAdspjLR3koTt%2Fm7aA8TqQKpouVoVxuIL%2FdROKK8eGa1rVZAwiKif94R8T37EbxWnrtUFR8rbRDMhvoXLZ5WhRj%2FmvwJSTE2cBSd8865cXGmOe9NOtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAMQxBjDHsCdTM3uDCBrjHQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B8B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEtp-tZTmCs4PSrruPkZ588&google_cver=1
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEtp-tZTmCs4PSrruPkZ588&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNWI5IDkLHloyMINOUrYCuaYVOBXXWj4JdoUVDTDP61bqlATf82Tpk57BaAwkMYraE0lxW4n6POeqWU2Ev5sdyY_iTcbR5CKULRIIK9rYpIJVHxURmt_X9utnCi-IKb_f762_Drhy-Ec0GfADsYh5zZN2DnskpbjAg-Kkr6FsOvV1eD9vcs
Protocol
HTTP/1.1
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 06:28:44 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
9953d871-a164-42ad-9227-39753823f8b3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEtp-tZTmCs4PSrruPkZ588&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B8B1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjA5NjUxMzUzODQyMDY5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjA5NjUxMzUzODQyMDY5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNWI5IDkLHloyMINOUrYCuaYVOBXXWj4JdoUVDTDP61bqlATf82Tpk57BaAwkMYraE0lxW4n6POeqWU2Ev5sdyY_iTcbR5CKULRIIK9rYpIJVHxURmt_X9utnCi-IKb_f762_Drhy-Ec0GfADsYh5zZN2DnskpbjAg-Kkr6FsOvV1eD9vcs
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 06:28:44 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
28fab771-9c62-4fbf-bdec-62c661fcfc75
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjA5NjUxMzUzODQyMDY5
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 708F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Thu, 10 Aug 2023 06:28:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.02&b=2&r=farfeshplus.online_fluid_lb_farfesh728x90&sy=74a526a9-a05c-4046-9127-e941198f809b&ts=90&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.farfeshplus.online&mlre=undefined&mlin=0&mlsi=760x100&mlbw=4g&mlcs=NaN&mltp=a683aaf6-8d0e-4279-b003-98d6543a4e4e&e=lm&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNTguYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-nf-request-id
01G7ZPWH81GAPF7W0DSP0JFQJ5
date
Wed, 10 Aug 2022 06:28:44 GMT
cf-cache-status
HIT
age
2263044
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7386ac4ffbbbbb8f-FRA
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2CE3 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame A0FD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A0FD 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:44 GMT
4a.js
static.adsafeprotected.com/ Frame 2503
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/886862/62195782/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_G1DzYv...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H2
Server
2600:9000:2491:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 17:51:26 GMT
content-encoding
gzip
age
131839
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 08 Aug 2022 17:51:21 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
x-amz-version-id
4te3fsSH3j65D5HH.c2S96rVtHwe6ZmM
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P7
content-type
application/javascript
x-amz-cf-id
pcjPiCF5bJrWRVwsGDXrQz-WJlUzkruFZuNIdKpeAAVt-OdZ4Vf-sA==

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
x-server-name
app09.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame D547 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
7422851
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P7
content-type
application/javascript
x-amz-cf-id
T-LwFWx6Rr73q4XPXFw-LgaAfKo00KspkQ8itfP16Hz70syrAS4LNA==
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D33E 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Origin
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50559
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Aug 2022 16:26:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame D33E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNmQwGR2-JpsM2tiQAv31_kixetxy10nCE1d5_88_R5DCk8gY5IBW9JHHUagJ-aAmPASB58YsFlaESeZ_nVC_EArgDcQCnI0mCgId5l2ZAHA1vQcFn8X0rbfUoqznsoIfWEq6M0x2iKQfc-CV76EakH7gG8w&dbm_d=AKAmf-D7WIz9bSOS0bei21bfZT02x8qiylcASUWM_5XPpjxlEC6sMFfZJw5M_GPdMafIm4Dggp5Pf07yOXFe2ksOMlXklQSXpfZIZFgNiAg0N4imSeO-lyIMMtwnQkqEEygoI0fv5CvQ5Mjg9CdoADPesJlXp2pyBSKp9wjbEp6WaILKH7u-z5-2ngg_P8Enaj9ODLT3fnafP9l6ZZYL0dVtQu_ufb9H1bZ_qXfVnCky9PQcaeDorIdqSvh9VdLgXm6YDBV6KsBnmOc9rbLw0c3QyCbJB6RrW2eK8taGlTaHkwlo2cyvyfrSMCiubnFCfZoNsVjHbyJwgyAGl5RDugN-6AeG0NinwZJaqcFW370fgHAvP5pNHxIDOr0ultyFnJ3PMPPafIVdXuvJHljJkvKBYHEg9HPbV_B_0cez2XF6AtttTglEq0nLDG-2F9WBe9pl58plS_6jeghvnsWjaqYVR6IRD_1RASzGdDg5Rm6u-P29v-hD3LRRa3G3M9XBg15yjUPdUYXePBXfQCxBOQRnSP3qAtDiTiaxlcnHVMTrqkxC4qTOWQAAMAy_fk4MQyIRnMdF5twrTQXcMzpa9E8dUyaK9heRC-AyhARNzmjlxMh3N2224N6XMjja3FYbSZwYyhXE38nGAvxD1PMG4OZCbN0rAHM4BU9ignXYWpUMYqvidCA-sIsY_CumClB_sz4wnX_6PoJMPrnpdyM9zQU2pwcqJ4FfGo-iPAw96flrdSqUConyppYKu-6PcXweJrp7CprwO5NPZ1rEjmfN-a9RMSzzBelaW93466q04QSbfRNkEEDMqIuro89R10zbkIlh6XlZr8RXJNn0a4H5yt_nKnTnJPFBC1Mv32aP28qfU1WpvjIL-PB74z5Bi-6c3FoFD65p4oEkJufzC6E4-0WGlJT4mRfzRYIAkANJMefEoOfLuK4q2eBQ7nBtttXzxMoZlj0D3i1Hc9JlR8H2rX25t-4OI4_5QnHwrF9LAzLP9WrZjDS73stjXJlQ0tXptrzu2v5FktKNwXUjNYhV7DAddNu0S_lQZnCnAd9K974UkbUzw5Ci3wqml-fT5NAuGbfRZdEsj6Fd_8O-iZNsIaMUqUyc3Rjj3-7G67Pmi-QlisyfDvp0aU0q9bQxM_xBVnzY4Sa2oGAIwrWbx0GXJ13JG3jhBAcEN-fr7W5M6KRxSw0aoWmzfA7EKfSt9CnMgCgeRKaj_QN3TWaA2ifqeJkFfXnqrlusWx_R8a3AjX7viPOC9TW0FkWGsYUHZpURcZpGWfiq7W69PTRSB70_ctwepnLS3z5Ket5aGiuuNwxh4eCIVZFDU2pIXGuclRO-Fk7oyMxtWkvGhk8tSPVCUxNKTg369bsXdDlk3MGJd92HNOroyGVCs6HsD5DqvdHhTT3GlTc1GMIRczODJPcnGhQ7EDvXJ7QpFkSCdYAQBQhcL2ullHFOUyOVVz0Hee5rDJGHW8Nfi1KyAlOyxM38GzPE9LZ1zB81088wKW67S5D8TTvI1Jfml0hNLxc-X9lvLuK4jdjObrWYDt03RWFkICwlGVn6WXr5JcjMp8YL2aLIpkENM5Q9Z5srwTv9E21C3hnYU43i6Cc2DTlb1CLNToliW001IUcOWwAZq21lemscapMix5_Yf3qEv9TGYCQ41HIa6PHmNxBTPHO-6zOAxSDzkopRTI66j0MvpLOrDjpRS0jMjarM0QwczsQczUv3LIqPuABb5gkoq0uKGsNYMKfbw6RwY2WCalAgjrgwvizGcxrrl0XSQ87A298mMQ3n7hCjADatN1ewTTN-m7AWqS-B7ObBKrMB5DxwBFnpJ3vC-Awhy9TkHAfsJj_5Ug8IJvQXjBfMiNls40Xr7jdiI5520mMdbWFoXHAMbkp9EoOnd1-CBfoNf-UPXxw2G5tp-b9QI_ost3YFiaF3PpWLCZjYRPQPz9Vu6Oi_NLQpwTj-X9tdElLlmPdP_C1lpYILVhlaW2ELok3WraRBsy83QMaRYlCEUozFMCfjpT2ALZbIL3jKDY8mb6xi4NBBGIY40pI5uyUw4mDIRZz3KJMdgfhJNyilTdp1RbmrrOs_0ZUiQn8JQga4t93T2na235F0BmEaels12LJeQe4OVDZ7aZj7ppsEDggSZ0jwwxsVoXUY7No9Rt4BlxYSWss6xeIECqPzDFT1xyDnsBdaugrBF8nbscQhPqJALI5FjmtAvgFN5vqTKtlvx10Dt_HBRFjqupydJThw9DgXPG_3O0x7m8F3aQltWNwVswwEPa4IxdT9dFy2vF8NfIMhOMlitwRHZvMIx0FQuEvaK_3F2nrZPldv9LppLmH9WBQI0JKojAHMgHhCCXweLdAFhwRhJ7yPXTCQV0MSde6LfCse_xIAiOBs5mT69DmeEZUspnkNOIxO7m7Eqzut-mC_P1GoOAyHMr9L7oR2sOu4BboLTpwu14lGa2JRtyexAOPXlO7bKHFE52PuNN6itP8E_rrkUcvkcLa0wbudAR3W4qdQ6cnh9xdX_2UVO2lMQFHBC4wRDCswbnTBIPE5aMoUsm0kVvSp-TzzXj5TDcG7lUSYV1i-w9TkOebMu-b0xgJq5dwktmzY91UiwXJmz5a4giKnQElFPRJKCWTUw2SL9XxT7ruYQ4fp2KFQGYaLXPwaxWrl2W3vrayosxxfRbRWZqe8YSLpUsMJShcSUed0Z4gceKuHraMDfwsNhgI26hWOqfQAMU-dzzdxMyEs2QOI31AhK6aJZMiIqsl-z7J6wUvnFPPVCUbA6Z-0zxykWqzfkDgaA88zI7m4zX6D_radi1_l3IEr28kW-Rg3qh-TDPVLWNdgCiBoX9H6dC0Kggcb00o7-2G3HMCORv_FWwolYljudffWjHOyesgi2vqf-4l2P5v_hRbC8Du4nf056AeRl-74mZpdglSRdyZSOt-I5st54Yh56jRpoxLXcOsNkQxHxzYEDKJ2OT2a_hBV6HSVvcMV6dF5lZ4oDUQjzfgJclYG3RkObhrxA47rGN4sZLDaZHPSrYBn3THqagHOOa4pQTBzGAScToi4fQgz_6wgvEFEAZ7iW5QkhnBEi0IIOE0I0wogIHATtkDlFZArD_aCi2_-oOKV4ClaNRGbtNAz9DFPnEdYvMqqUclUpyyKRWYLuswyQQ3LP68Qr5fiNg_n9QTPr42ZOyUCn9X7iADgdW5_ZG1kbuv8Ecvy1BLKgnH0N-edVPr9-mSjlcpOJBRA9WHhNmmDJMavnfPeY5QCCPpywfNF6Aet2KlixW_7oWghiwh4FDgSeB_T54CrBRapL6U1GcV1sghXF09H3qHAZSBlrczosjuY31C_3wX9nP8rx5XmWRLW50VR-HJlLtguQcPabCOZ3OWfB72AEdIjQGOzwpPi2d2gTt9wPZmeMqgej6ZBuTFToncPsUprwq2iRhcBZL59uT60FP-sZOzqkhmJq3LCwVdWqgK1lzhpc8YuH-W9sYrGmNEvj25Z1OwMleOFaB2mnoaPD15HulKSKzHAXHUGGoOaC00XtBpl&cid=CAASJ-Ro61A8Aq-2obQ-Y50Y1bCwLBdmJU8jpoCxaoOf5UVTFRYv2EjtGQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:21:20 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame D33E 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNmQwGR2-JpsM2tiQAv31_kixetxy10nCE1d5_88_R5DCk8gY5IBW9JHHUagJ-aAmPASB58YsFlaESeZ_nVC_EArgDcQCnI0mCgId5l2ZAHA1vQcFn8X0rbfUoqznsoIfWEq6M0x2iKQfc-CV76EakH7gG8w&dbm_d=AKAmf-D7WIz9bSOS0bei21bfZT02x8qiylcASUWM_5XPpjxlEC6sMFfZJw5M_GPdMafIm4Dggp5Pf07yOXFe2ksOMlXklQSXpfZIZFgNiAg0N4imSeO-lyIMMtwnQkqEEygoI0fv5CvQ5Mjg9CdoADPesJlXp2pyBSKp9wjbEp6WaILKH7u-z5-2ngg_P8Enaj9ODLT3fnafP9l6ZZYL0dVtQu_ufb9H1bZ_qXfVnCky9PQcaeDorIdqSvh9VdLgXm6YDBV6KsBnmOc9rbLw0c3QyCbJB6RrW2eK8taGlTaHkwlo2cyvyfrSMCiubnFCfZoNsVjHbyJwgyAGl5RDugN-6AeG0NinwZJaqcFW370fgHAvP5pNHxIDOr0ultyFnJ3PMPPafIVdXuvJHljJkvKBYHEg9HPbV_B_0cez2XF6AtttTglEq0nLDG-2F9WBe9pl58plS_6jeghvnsWjaqYVR6IRD_1RASzGdDg5Rm6u-P29v-hD3LRRa3G3M9XBg15yjUPdUYXePBXfQCxBOQRnSP3qAtDiTiaxlcnHVMTrqkxC4qTOWQAAMAy_fk4MQyIRnMdF5twrTQXcMzpa9E8dUyaK9heRC-AyhARNzmjlxMh3N2224N6XMjja3FYbSZwYyhXE38nGAvxD1PMG4OZCbN0rAHM4BU9ignXYWpUMYqvidCA-sIsY_CumClB_sz4wnX_6PoJMPrnpdyM9zQU2pwcqJ4FfGo-iPAw96flrdSqUConyppYKu-6PcXweJrp7CprwO5NPZ1rEjmfN-a9RMSzzBelaW93466q04QSbfRNkEEDMqIuro89R10zbkIlh6XlZr8RXJNn0a4H5yt_nKnTnJPFBC1Mv32aP28qfU1WpvjIL-PB74z5Bi-6c3FoFD65p4oEkJufzC6E4-0WGlJT4mRfzRYIAkANJMefEoOfLuK4q2eBQ7nBtttXzxMoZlj0D3i1Hc9JlR8H2rX25t-4OI4_5QnHwrF9LAzLP9WrZjDS73stjXJlQ0tXptrzu2v5FktKNwXUjNYhV7DAddNu0S_lQZnCnAd9K974UkbUzw5Ci3wqml-fT5NAuGbfRZdEsj6Fd_8O-iZNsIaMUqUyc3Rjj3-7G67Pmi-QlisyfDvp0aU0q9bQxM_xBVnzY4Sa2oGAIwrWbx0GXJ13JG3jhBAcEN-fr7W5M6KRxSw0aoWmzfA7EKfSt9CnMgCgeRKaj_QN3TWaA2ifqeJkFfXnqrlusWx_R8a3AjX7viPOC9TW0FkWGsYUHZpURcZpGWfiq7W69PTRSB70_ctwepnLS3z5Ket5aGiuuNwxh4eCIVZFDU2pIXGuclRO-Fk7oyMxtWkvGhk8tSPVCUxNKTg369bsXdDlk3MGJd92HNOroyGVCs6HsD5DqvdHhTT3GlTc1GMIRczODJPcnGhQ7EDvXJ7QpFkSCdYAQBQhcL2ullHFOUyOVVz0Hee5rDJGHW8Nfi1KyAlOyxM38GzPE9LZ1zB81088wKW67S5D8TTvI1Jfml0hNLxc-X9lvLuK4jdjObrWYDt03RWFkICwlGVn6WXr5JcjMp8YL2aLIpkENM5Q9Z5srwTv9E21C3hnYU43i6Cc2DTlb1CLNToliW001IUcOWwAZq21lemscapMix5_Yf3qEv9TGYCQ41HIa6PHmNxBTPHO-6zOAxSDzkopRTI66j0MvpLOrDjpRS0jMjarM0QwczsQczUv3LIqPuABb5gkoq0uKGsNYMKfbw6RwY2WCalAgjrgwvizGcxrrl0XSQ87A298mMQ3n7hCjADatN1ewTTN-m7AWqS-B7ObBKrMB5DxwBFnpJ3vC-Awhy9TkHAfsJj_5Ug8IJvQXjBfMiNls40Xr7jdiI5520mMdbWFoXHAMbkp9EoOnd1-CBfoNf-UPXxw2G5tp-b9QI_ost3YFiaF3PpWLCZjYRPQPz9Vu6Oi_NLQpwTj-X9tdElLlmPdP_C1lpYILVhlaW2ELok3WraRBsy83QMaRYlCEUozFMCfjpT2ALZbIL3jKDY8mb6xi4NBBGIY40pI5uyUw4mDIRZz3KJMdgfhJNyilTdp1RbmrrOs_0ZUiQn8JQga4t93T2na235F0BmEaels12LJeQe4OVDZ7aZj7ppsEDggSZ0jwwxsVoXUY7No9Rt4BlxYSWss6xeIECqPzDFT1xyDnsBdaugrBF8nbscQhPqJALI5FjmtAvgFN5vqTKtlvx10Dt_HBRFjqupydJThw9DgXPG_3O0x7m8F3aQltWNwVswwEPa4IxdT9dFy2vF8NfIMhOMlitwRHZvMIx0FQuEvaK_3F2nrZPldv9LppLmH9WBQI0JKojAHMgHhCCXweLdAFhwRhJ7yPXTCQV0MSde6LfCse_xIAiOBs5mT69DmeEZUspnkNOIxO7m7Eqzut-mC_P1GoOAyHMr9L7oR2sOu4BboLTpwu14lGa2JRtyexAOPXlO7bKHFE52PuNN6itP8E_rrkUcvkcLa0wbudAR3W4qdQ6cnh9xdX_2UVO2lMQFHBC4wRDCswbnTBIPE5aMoUsm0kVvSp-TzzXj5TDcG7lUSYV1i-w9TkOebMu-b0xgJq5dwktmzY91UiwXJmz5a4giKnQElFPRJKCWTUw2SL9XxT7ruYQ4fp2KFQGYaLXPwaxWrl2W3vrayosxxfRbRWZqe8YSLpUsMJShcSUed0Z4gceKuHraMDfwsNhgI26hWOqfQAMU-dzzdxMyEs2QOI31AhK6aJZMiIqsl-z7J6wUvnFPPVCUbA6Z-0zxykWqzfkDgaA88zI7m4zX6D_radi1_l3IEr28kW-Rg3qh-TDPVLWNdgCiBoX9H6dC0Kggcb00o7-2G3HMCORv_FWwolYljudffWjHOyesgi2vqf-4l2P5v_hRbC8Du4nf056AeRl-74mZpdglSRdyZSOt-I5st54Yh56jRpoxLXcOsNkQxHxzYEDKJ2OT2a_hBV6HSVvcMV6dF5lZ4oDUQjzfgJclYG3RkObhrxA47rGN4sZLDaZHPSrYBn3THqagHOOa4pQTBzGAScToi4fQgz_6wgvEFEAZ7iW5QkhnBEi0IIOE0I0wogIHATtkDlFZArD_aCi2_-oOKV4ClaNRGbtNAz9DFPnEdYvMqqUclUpyyKRWYLuswyQQ3LP68Qr5fiNg_n9QTPr42ZOyUCn9X7iADgdW5_ZG1kbuv8Ecvy1BLKgnH0N-edVPr9-mSjlcpOJBRA9WHhNmmDJMavnfPeY5QCCPpywfNF6Aet2KlixW_7oWghiwh4FDgSeB_T54CrBRapL6U1GcV1sghXF09H3qHAZSBlrczosjuY31C_3wX9nP8rx5XmWRLW50VR-HJlLtguQcPabCOZ3OWfB72AEdIjQGOzwpPi2d2gTt9wPZmeMqgej6ZBuTFToncPsUprwq2iRhcBZL59uT60FP-sZOzqkhmJq3LCwVdWqgK1lzhpc8YuH-W9sYrGmNEvj25Z1OwMleOFaB2mnoaPD15HulKSKzHAXHUGGoOaC00XtBpl&cid=CAASJ-Ro61A8Aq-2obQ-Y50Y1bCwLBdmJU8jpoCxaoOf5UVTFRYv2EjtGQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11825
x-xss-protection
0
server
cafe
etag
9647346768486398696
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:25:26 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4D0C 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 10 Aug 2022 07:40:53 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4D0C 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4775
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 11 Aug 2022 05:09:09 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame AF14 		71 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21c1baedf6650bb34b81dec56e17793342bb2d2b3ff229f5c771105a51090536
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
154242
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18059
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 11:38:02 GMT
expires
Tue, 08 Aug 2023 11:38:02 GMT
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 20D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5ksvG1DzYu-gHNidywWx4raoC5vUmMdr0t79htkP5Y_8wgMQASDg4tlWYJXyn4KwB6AB6cWqnQLIAQmpAhun-3ovILE-qAMByANIqgTsAU_QqFQUjKWvcCsbqkRiN9oqW3QPNHw2_SHVdHUEbJEbixPoWNxV3FRSc7EQghHLqILMELmdHbXDKNzIFuLcKXb4o6W-ANgm9oiF-G5HklRn4Q7SGV3SEXAoVlQuEiA25fDpFi0hXbDgJAx1Em5Ca6GGeiSJ7di4NqMb_OCVbuEAp9AutWGPh8stcjGoAmRtsdsmF7EfFU3aoqhcImAoiSdJBU0bxPtxpVEdPc7tz36tS_b1nhB4FkGa6v53nqJTaald5s-vGNJlxk9LLOj9e4AHNpUDn2WWKOnfR1mW2D5kQ_oXx9mkw2pGx6u3wASmysjdmgOSBQQIBBgBkgUECAUYBKAGLoAH_7nV4gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRCSydEF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODM2Nzc0OTk1NjkxNzAwNhgA&sigh=nRVFtZOE2Y4&uach_m=[UACH]&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 06:28:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 20D5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:36:34 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1E06 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 83BB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 83BB 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:44 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/ Frame 66A3 		67 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/index.html
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c285d336c2834ded1deec44dd319b62efce246f36b952ee9210ef3a125ab5d4c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
410335
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
17822
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Aug 2022 12:29:49 GMT
expires
Sat, 05 Aug 2023 12:29:49 GMT
last-modified
Wed, 27 Jul 2022 15:35:12 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 0590 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSXPBG1DzYqPLGLmK7AO5rIKgB6360LtrhpOcs4wQ2dkeEAEg7L-QEWCV8p-CsAegAab5g7sByAEJqQIgcRxRqiSxPqgDAcgDSKoEgQJP0AfOg6rZAic77T9iVtZczoRpPwj032K6_Vmy2RRPoJ28ZlmVhEgEF3RjRja38P0Qr7PWkYIo8zEJq0bP9Iw7nrrm49oNgtktAok9Lh8cxU8ed65EGkoFKwKA0DhYsj5qcyQojnNE8mUJx8kldjV8z5XIYoOqPwXy6RtPFGQIGbK9FUYuphdUcE8je15_jLMmi2z13PEh45YsMbbN9qjt4hQGtZxn9IFFBJEMzLBGXMwWHvG4ZCd9FLaTDZxYseQUyPgjDajU6Oj487bkbOW5SR-ZqzbkkypFFkq4i7wEY3NmdAHSbb6CEgpVEbHryV2RQ6yBYD7U1WHUZF5PrR8-TMAE4OHO3aAEkgUECAQYAZIFBAgFGASgBi6AB5PY5iSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRCwrJkF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItMTIzMTY2MTYzMzQ0MDk4MBgA&sigh=BYIQlmrFciI&uach_m=[UACH]&template_id=419
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 06:28:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 0590 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:36:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 0590 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0590 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 0590 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:59:14 GMT
l
www.google.com/ads/measurement/ Frame 0590 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZvmzVMIZd9nxA1QXWHF8YzBZPrhalj3cXQIWK_w1HPw1xeNBgeN2DeeEiIwtit_GgSnQ8O9nJf4NlQK3QJjarXeifGg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
gen_csp
pagead2.googlesyndication.com/pagead/ Frame A0FD 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIP81MjSu_kCFRdbGAod1QwOug&gqi=G1DzYsqoE8TIgAedn6-oDw&layout=/sadbundle/%24csp%253Der3%24/4990041485613105039/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 2503 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=11b4b122-8bbf-1083-a49e-fb935a4ae0d4&tv=%7Bc:kRO1qN,pingTime:-3,time:189,type:v,im:%7BpBlk:43%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:189,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B184~0%5D,as:%5B184~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:te5qE9S+11%7C12%7C131%7C14%7C15%7C161%7C162%7C163%7C17*.886862-62195782%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i1%7C1j11%7C1k1%7C1l%7C1m,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 06:28:44 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
dt
dt.adsafeprotected.com/ Frame 2503 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=11b4b122-8bbf-1083-a49e-fb935a4ae0d4&tv=%7Bc:kRO1qO,pingTime:-6,time:190,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B185~0%5D,as:%5B185~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:te5qE9S+11%7C12%7C131%7C14%7C15%7C161%7C162%7C163%7C17*.886862-62195782%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i1%7C1j11%7C1k1%7C1l%7C1m,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.farfeshplus.online*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 06:28:44 GMT
X-Server-Name
dt46.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
adlib.css
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame 6EB1 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42a2138398903109e146c2aeec93115208dce08b843915bbd5be8a55ae15dfab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 21:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377879
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1884
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Aug 2023 21:30:45 GMT
fonts.css
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame 6EB1 		1002 B
256 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/fonts.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 21:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377879
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
227
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Aug 2023 21:30:45 GMT
adStyle.css
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame 6EB1 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3ef6cabd8cc928fc520e3d6a25b9557006fb6e7216d54f2f4dabd1e88305423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 21:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377879
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1010
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Aug 2023 21:30:45 GMT
Enabler_01_248.js
s0.2mdn.net/879366/ Frame 6EB1 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 21:45:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41094
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Aug 2022 21:45:39 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6EB1 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Aug 2022 06:28:44 GMT
SplitText.min.js
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame 6EB1 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/SplitText.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 21:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377879
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3818
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Aug 2023 21:30:45 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame 6EB1 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 21:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377879
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10657
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Aug 2023 21:30:45 GMT
animation.js
s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/ Frame 6EB1 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b84170c704c9b4038e176ff9d9270fa0f80c49c6dae64ca19f5b0dbeda6902c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15767118399605309440/160x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=3Mrl2xzQ8k&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 21:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377879
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2700
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Aug 2023 21:30:45 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012207221643000/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9182a6a4cf9909394c564dc8863ef003224a64d43e48a5bda08b4db031169ebd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137437
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7846
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c7217b6ef5c19ea3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:07 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3F50 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 3B04 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B04 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:44 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 08DE 		67 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:58:10 GMT
x-content-type-options
nosniff
server
cafe
age
59434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
2462972746714251406
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Wed, 10 Aug 2022 13:58:10 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012207221643000/ Frame 3EEB 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61462
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"006401e583f0e23c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 3EEB 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5196
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc8caad49b08d8fb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 3EEB 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28864
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14e9be8f3cf5efda"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 3EEB 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
924aace23e54fcf154a07509debd7336088b7546df4f6566062f477b6ed500a4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16646
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"662bf586d06a4736"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 3EEB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fcd376918b45715d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 3EEB 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12959
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fd6c62727a90c1dd"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3EEB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 14:47:43 GMT
x-content-type-options
nosniff
server
cafe
age
56461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
9421415325968714010
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Wed, 10 Aug 2022 14:47:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3EEB 		344 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:34:18 GMT
x-content-type-options
nosniff
server
cafe
age
46466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 10 Aug 2022 17:34:18 GMT
l
www.google.com/ads/measurement/ Frame 3EEB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsJHjkjt6rExwskNwlqBgZ3aJrndsrsgC9jcL2Fir_X2GMjbZ5hP4kAJed1FLsf5txP8DOtbWW3Bu-LtbZ5AdXXk7crA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
ST6D_24_90px.png
tpc.googlesyndication.com/sadbundle/18203894063323421/ Frame 3EEB 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/18203894063323421/ST6D_24_90px.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a44602c24b89885202fa9380b0b2794529f2fc070842f4256fa2e02d3f2e153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:46:41 GMT
x-content-type-options
nosniff
age
524523
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37693
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 04:46:41 GMT
TR6P_90px.png
tpc.googlesyndication.com/sadbundle/18203894063323421/ Frame 3EEB 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/18203894063323421/TR6P_90px.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8db4db356541300d59ef29e42aada4010825fcc3dee28402411ceb12989f83b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:46:41 GMT
x-content-type-options
nosniff
age
524523
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35526
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 04:46:41 GMT
Logo_in_Orange_Box.jpg
tpc.googlesyndication.com/sadbundle/18203894063323421/ Frame 3EEB 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/18203894063323421/Logo_in_Orange_Box.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2657405e3e91a0f5d6490e8fe419c8f98e2437caca46a0c257563f11aefa3824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:46:41 GMT
x-content-type-options
nosniff
age
524523
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23485
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 04:46:41 GMT
CTA_DE_90px.jpg
tpc.googlesyndication.com/sadbundle/18203894063323421/ Frame 3EEB 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/18203894063323421/CTA_DE_90px.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eee5a0136bda1fdbd08716eceadb0f1d7bca3f56e142bbed1752ae05776507d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:46:41 GMT
x-content-type-options
nosniff
age
524523
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29219
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 04:46:41 GMT
mo_power_DE.png
tpc.googlesyndication.com/sadbundle/18203894063323421/ Frame 3EEB 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/18203894063323421/mo_power_DE.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01bd2be24c866eb7e7fb6e80a1c8b829429d0c5561b731939bce42ec75aa89a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 04:46:41 GMT
x-content-type-options
nosniff
age
524523
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3807
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 04:46:41 GMT
mo_performance_DE.png
tpc.googlesyndication.com/sadbundle/18203894063323421/ Frame 3EEB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/18203894063323421/mo_performance_DE.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebec77c6060c802dd84d3a3b37ae1fb8c586337fb809c917a1e3d4e98d79e80d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 04:12:02 GMT
x-content-type-options
nosniff
age
181002
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4987
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 14:47:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 04:12:02 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D25A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 14:47:43 GMT
x-content-type-options
nosniff
server
cafe
age
56461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
9421415325968714010
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Wed, 10 Aug 2022 14:47:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D25A 		344 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:34:18 GMT
x-content-type-options
nosniff
server
cafe
age
46466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 10 Aug 2022 17:34:18 GMT
Heroal_D_72_970x250_DE.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1576807414729870166/ Frame BEDE 		334 KB
158 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1576807414729870166/Heroal_D_72_970x250_DE.html
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
065ca15ff96fad1c6a497d8ca908df91e2943d252745de0ef03ebae16e25bbbd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
438172
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
161415
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Aug 2022 04:45:52 GMT
expires
Sat, 05 Aug 2023 04:45:52 GMT
last-modified
Fri, 04 Jun 2021 16:01:31 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame B783 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtzmcG1DzYu-1HJPhtweZloegBOLP-oZpuvDS2qwNwI23ARABIODi2VZglfKfgrAHoAHVvrKMA8gBCakCG6f7ei8gsT6oAwHIA0iqBPUBT9Dg9aGKqvxUZ_1MnWlF-jQze4MPJxnm9ru5opuHKsCgZb_7rflAQnO5j4JU6cYQLl1kWsr1eIFH64TDSzT5n1w5ZFUqph-NThIx4JnW2WPbSS1nH8o3iga5j2LiByxQkO4a1xHVNewiGawsU-vPyoOTdwvdvoomObDjD1OOUDuyXeFDgZ7cAiUEx0eCqsRtTw2Pgbcgop6kAO5dwz-O2vOB0nEm_CY01ri1KKoePO7d1lI_oCU_4QwL4UhoTGNHLDLyqaZC7kPJIk9I8CkCSau4pWWaQmdHTa0OkeOwUWDNyNf_yXuP2YFfk5r9qfXshiYxuDDABJXj2a7nApIFBAgEGAGSBQQIBRgEoAYugAeTwc1zqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQ--i2AdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTgzNjc3NDk5NTY5MTcwMDYYAA&sigh=mx72pLj6Wqw&uach_m=[UACH]&template_id=419
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 06:28:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame B783 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:36:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame B783 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B783 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame B783 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:59:14 GMT
l
www.google.com/ads/measurement/ Frame B783 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQX7ALxkWdNDifcN6LNeeCqwLnYWjdZqB-UCD4989LkU4H4ygfPZ7Ed0NLByezEegtqRNOyFnlA6M1CwLUJz0eUZPC9CA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C600 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 14:47:43 GMT
x-content-type-options
nosniff
server
cafe
age
56461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
9421415325968714010
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Wed, 10 Aug 2022 14:47:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C600 		344 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:34:18 GMT
x-content-type-options
nosniff
server
cafe
age
46466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 10 Aug 2022 17:34:18 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 496C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79805
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 08:18:39 GMT
consumer-privacy-logo-16.png
secure.flashtalking.com/oba/icon/ Frame 496C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo-16.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 06:28:44 GMT
Last-Modified
Thu, 06 May 2021 18:54:24 GMT
Server
Flashtalking (AKA)
ETag
W/"ea9218504eec09a337676178d9020356"
X-Varnish
749516161 749617813
Cache-Control
max-age=1139
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
7281
Expires
Wed, 10 Aug 2022 06:47:43 GMT
dt
dt.adsafeprotected.com/ Frame 2503 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=11b4b122-8bbf-1083-a49e-fb935a4ae0d4&tv=%7Bc:kRO1sX,pingTime:-2,time:323,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:852,beZ:853,mfA:854,cmA:855,inA:855,inZ:859,prA:859,prZ:870,si:877,poA:878,bl:896,poZ:896,cmZ:896,mfZ:896,loA:1042,loZ:1044,ltA:1175,ltZ:1175%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:323,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B318~0%5D,as:%5B318~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:te5qE9S+11%7C12%7C131%7C14%7C15%7C161%7C162%7C163%7C17*.886862-62195782%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i1%7C1j11%7C1k1%7C1l%7C1m,idMap:17*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,sinceFw:297,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 06:28:44 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012207221643000/ Frame 4EA5 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61462
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"006401e583f0e23c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4EA5 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5196
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc8caad49b08d8fb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4EA5 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28864
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14e9be8f3cf5efda"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4EA5 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
924aace23e54fcf154a07509debd7336088b7546df4f6566062f477b6ed500a4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16646
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"662bf586d06a4736"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4EA5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fcd376918b45715d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4EA5 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
137439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12959
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fd6c62727a90c1dd"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4EA5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 14:47:43 GMT
x-content-type-options
nosniff
server
cafe
age
56461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
9421415325968714010
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Wed, 10 Aug 2022 14:47:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4EA5 		344 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:34:18 GMT
x-content-type-options
nosniff
server
cafe
age
46466
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 10 Aug 2022 17:34:18 GMT
truncated
/ Frame 4EA5 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00f5c1a936e85ec2ebd8ae9b471fa45bdb8ea2126bf42fe219fb9446bbe806ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
img.jpg
tpc.googlesyndication.com/sadbundle/2331266820447303663/ Frame 4EA5 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2331266820447303663/img.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fcee1208b4bcb58df6fbe5653aecd9e5630a7e06fef58c861ef2442345a59fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:43:19 GMT
x-content-type-options
nosniff
age
153925
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49656
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:21:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:43:19 GMT
cta.svg
tpc.googlesyndication.com/sadbundle/2331266820447303663/ Frame 4EA5 		2 KB
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2331266820447303663/cta.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73fdce173a12a73b44c2f244ef75fe82c9cc456ccbc9273180e3d795236cdac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153925
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
842
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:21:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:43:19 GMT
txt3.svg
tpc.googlesyndication.com/sadbundle/2331266820447303663/ Frame 4EA5 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2331266820447303663/txt3.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ae4b01e95d88f876b4de342dc9f2415014f192ba1f6174af2cd2bbb92f79932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153925
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3995
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:21:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:43:19 GMT
txt2.svg
tpc.googlesyndication.com/sadbundle/2331266820447303663/ Frame 4EA5 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2331266820447303663/txt2.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2b84e4f0ec0d6887a466a39879e8ad6b649a905d18544790da1af14a5414fdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153925
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3338
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:21:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:43:19 GMT
txt1.svg
tpc.googlesyndication.com/sadbundle/2331266820447303663/ Frame 4EA5 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2331266820447303663/txt1.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
851cacd5365b711843722eac7b071364f1ef0d1ddafab92790a819f603b825fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153925
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3056
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:21:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:43:19 GMT
logo.svg
tpc.googlesyndication.com/sadbundle/2331266820447303663/ Frame 4EA5 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2331266820447303663/logo.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baac9dd57ed6ede936ed7949947f61108c6fe81cdd73a4da6e4d114c77000510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153925
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1511
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:21:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:43:19 GMT
ES52.svg
tpc.googlesyndication.com/sadbundle/2331266820447303663/ Frame 4EA5 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2331266820447303663/ES52.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0f36443435214fd810552979ed4aff389de6ee66c854d16778497fa973aeb71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153925
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3994
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:21:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:43:19 GMT
l
www.google.com/ads/measurement/ Frame 4EA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIi6MuwVVplL-ouJkz5WuPpuqxU2vQgXzbI7MP-5vFhfa0IS1peyGVhkeh8iLfrXvkukl_UtwEw4xsfvCOQuvHfkTw7A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 4EA5 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CuwBjG1DzYrajI5GMtweX_Ya4BJvUmMdrit39htkP5Y_8wgMQASDg4tlWYJXyn4KwB6AB6cWqnQLIAQmpAiBxHFGqJLE-qAMByAMIqgTsAU_QX7yga42f0hKQNdTtMK2ULVOoDCDqwRsPd4q5jHf0YjkzS-dFWf83k0PvZNkfM0CjM3FxHt8EcAghUo4jUYSyOAaU2V2vyi2xh059Ata7R2XP52VaKA0yZEQ3DHGJU3FSGbmXtoZK9tM47lwLY10lJbHx3qtMrJqHq2dohKFBWSo-swY3qoqt7cRX8EgnvirKFBYu916FryiJnpDuJ4-U9mM2cFg5nXWSdQ94dvCv-hLmi3-k09aV7brAwTZLzs_WNTw3vgk1ogvzI5BT80z-gzJ5VSN6rLuNOlN_pRa7f3ubpCF7zROHqJGswASmysjdmgOSBQQIBBgBkgUECAUYBKAGLoAH_7nV4gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRDVqecC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODM2Nzc0OTk1NjkxNzAwNhgA&sigh=svMfwtgppm4&uach_m=[UACH]&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1966580796&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923008&bpp=7&bdt=670&idt=527&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=RIA4frzf2s&p=https%3A//www.farfeshplus.online&dtd=535
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 06:28:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9DFF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
482559
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 16:26:05 GMT
expires
Fri, 04 Aug 2023 16:26:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame AF14 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 10 Aug 2022 07:40:53 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame AF14 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4775
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 11 Aug 2022 05:09:09 GMT
truncated
/ Frame 3EEB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a0c2ae224f3e90943ef2413f331ec0ccf87bf4b0ec03e108973b3205236306f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/ Frame 51B3 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed8b1dd84b3d8427bacca74cf55cee3515615326b1c6b1351864dd2b78da3ff5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
17847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3876
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 01:31:17 GMT
expires
Thu, 10 Aug 2023 01:31:17 GMT
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame A633 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNkXwG1DzYpbrLY6LjuwP2_ep8AOEiZnLa83Ry4GXEI2xluSSMRABIJWbyiFglaqUgqAHoAGyisGqAcgBCakCBKNYBowIqj7gAgCoAwHIA0iqBIcCT9CNxHhsV0CuH1hr_29CFYilnjD0AuuPi9bb7IjjpSirY-MyPnbtAroidZ5gaaMifG7l2vnZYsT9rhHIfGKU5Rdz9_b6gzYGAViyIGIArqJsdQOBP_xyw3NNRKNc3zxdSbFPwlqmmz3h6eN1ywuqVYcJN4TA6rxAc2VEcirzwanexnGQn82YhO4X_8lcxYyJM9XKSzRFAbkozsEIMOuD8-9HiOBpbvZzyOkpJeyrThDg3CSxMkLlRse_bHKTnl1ieyllMrrAJ_ZG-WaJRgDmTjHe9ER2E1L0LsoYvTxBkGzErKGwGh-vf7Q63UQv9BuEdd3vuPM1Kg66hS0pZ1acDBJCyZtm24rABO6Q-POUBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe29b7VAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKeoDdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi01NjIwMDcwOTkwMDU3MjgwgAoDyAsB2BMK0BUBmBYBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=lUXuVswxcZo&uach_m=[UACH]&template_id=419
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame A633 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:36:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame A633 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A633 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame A633 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:59:14 GMT
l
www.google.com/ads/measurement/ Frame A633 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6HrB54wsyVDcaJUUGDIrRmqYxx1um1ch3mVG1evpl0O8_9vHJqt2tMpxRM7D9XWjX2AP0E9pmRJjqZch4U_C-LOADDA
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 66A3 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:40:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 10 Aug 2022 07:40:53 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 66A3 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4775
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 11 Aug 2022 05:09:09 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B404 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
DV360-TheWorldIsYourCanvas-DE_DE-GilesAndCecilie-VAST-15sVideo-16x9_854_480_700_3000.mp4
cdn.flashtalking.com/163839/ Frame 496C 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/163839/DV360-TheWorldIsYourCanvas-DE_DE-GilesAndCecilie-VAST-15sVideo-16x9_854_480_700_3000.mp4
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f8190b560a2d9246b5ed02dea00f25d4e3cfccef39fd06d6c0c881fab7112cf2

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 10 Aug 2022 06:28:44 GMT
x-amz-request-id
HTERHQ3780AFTBZZ
X-HW
1660112924.dop052.fr8.t,1660112924.cds241.fr8.shn,1660112924.dop052.fr8.t,1660112924.cds266.fr8.pr
Content-Range
bytes 0-1699852/1699853
Connection
Keep-Alive
Content-Length
1699853
x-amz-id-2
KtLMEj0+3RQOLSyGFiDGMa25N2A/RNGG2XTA3PCM5Hxe+Uazo3gD/Tv41JsB1+FrHqIIGozy/H8=
Last-Modified
Wed, 01 Jun 2022 06:03:27 GMT
ETag
"d5843d17fc3e1b0ff2d86edeabdcb154"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=30
Accept-Ranges
bytes
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/ Frame C718 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3806cd06f77242ca8ae341c503d477e48975cbd4bea0c52dbe3e4e7fdacc2108
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
270267
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3245
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Aug 2022 03:24:17 GMT
expires
Mon, 07 Aug 2023 03:24:17 GMT
last-modified
Wed, 13 Jul 2022 11:27:37 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 4907 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGXlbG1DzYobpIcSQygWJxJjIC66igNxrzpT9-ZcQ__WQ49cCEAEgrYmDJmCV8p-CsAegAdz0pdQDyAEJqQIgcRxRqiSxPqgDAcgDSKoE-gFP0EOQn3kWVDzFosiJc83BfxZ4abLYDkFf2xd7-Aaj9mqOclE8qfSwaDrG-QxA5MuTgAvmp2G6PORyldJGnv9qvPL3odKeZ2x4eswJWE-18vd9UoAVpiaEwDByDNOD2ztiNkYu7mWsP883-44JnRNVqvwfoSxcbB7TB59_93JemP9zCcPMeW0ucCW_BjMdMj5S6PARtI1OHG0DI_KYWHJhLVRb90DZrobcu_Ig-NGt_iPI47qcnlcSUD4C3wU84XHwBXsc2z8zijbPPaBPkOY6qzJ6TXYjZ3AJ8t_fB0Zmhm2ya_vVUADcUaOD0GrimN4XJZhzLpvRAUdAwAT61v3MiQSSBQQIBBgBkgUECAUYBKAGLoAHjIvaK6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFENKm0QLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi02MjY2MzEzMTkwMDg3MTczGAA&sigh=Qx2jTV3AgtY&uach_m=[UACH]&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 06:28:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 4907 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:36:34 GMT
index.html
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/ Frame D493 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69baa42b5243c9fad39140cd27772eb779a829f93bbc325e2e695fd8b74f4371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
548757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2318
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 22:02:47 GMT
expires
Thu, 03 Aug 2023 22:02:47 GMT
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D33E 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaSsTddMDYUGKPFcbVy-vuBhCQwlwHLfJR82GIqdM0vXYnq5WN8hlnIVf5bZUCSaA334f4GCqnalcbVzY3XMM0ihvumGa-PREIBoqeXQl7_pmre62wNYhUZuSv7S0trQLp2-4_engtl_mx6oN263y-ric4oUmY9HeG8t_A4tmVKPvhHwh7dMcRlcckVXQQBQnpDLpk7Ab_-537c1u7ZN4hVS6t6aCYO7PjIk96Q2fFBBIaYUIiQAm81Doym2dus_vuAKHaRFQPKy2Vf-EJH1Az977jiiZw92Lcow7FKwonDWvK41qaLiukbdx5Y5clE9siBZfyDJ38S8HSg5kjL6v2JdGU8ujFEem4ZaXoAoVTG8jO0yNbmgJAKk3xr5KMU1EYFthY3xBQgO0k4t7-_sj2B3-NIV-GErCEoEvyLaQugGVEUiJ57iEjeIOqRaYJwvjnIcy2GKLSECzmMnK12RA8GpXMk3rZS0GdAJe5t-R56Diru3szaCldk8gSNNpjl-Ci_dCvczDv-I6cST2hQ3bgRr5pZZAf0eB-Xq16fnc3Hdv6XXlbP9fqxyzQugicJ6L3w3NZDhBTpOeDUVi3PEejdmboNP3Pp6-BEZE8_sU-lBT3LC-v6lmlh1Sl_rhkP-sq8c7mPFecqKxN5TGZEmiiT2PHBVEfXkk7NTTXV2b8-nCh0bsR8oeysmyT-wEYAVMokmdCgyWzNSdLcyffSGP5ZvwK4UahDM_hkSjaUAtgHuVutyP1wg76V4kwzluOCCWxdz9N4S1EC1viR3SQh7SU3YEFOflZkS_lVhfBlqSAy6_ADMhBe5qCgSIDhxGzz6QhbpWXDL1UQtF3juq3TAaZiq6YP9qXRbXoBXIcxcT5_Ugdadmzpk5Rhr9tkAXORutMFt8ZMKdwMNnFivE3g3boAN4u9K0d3eWMMHBBGHzcaXJjDWnX-fNNtsUhlWaaXTkj7RqA9RXN4MynhiXLh7cYhK_h65o8Hg7ROAx-YkfgwZBW7Tr9ZhTrwba7edgtnk_2NQOCaePLIS4W8dsq723OYVO67SIsDgIlpLCmcVGmicoPFF3JXB7DDRwqN0fIFXoqeLkIGWkZRPyiNKzKt70bpb7sFePw7gJwUud93EkRAcU2QA83s-Y51YfiXxZcqXYJuYtGm1KhnOZSs_7FXp53CUue3GWpDJ0ozeZfHvkdru8eIXKN14I9q9ebY6K9JNu67HM3t3C7jPiQv1mFm87z17U2k102uygTN9GDC-GUPqg9vAIkXlOuykylfjgCrMXPH5NBWceKGyE720KxOlwUzXl0eU3cgSmdmxiP&sai=AMfl-YQ0XKIPAuuPFzLY47rSsVtaTmiIMlO8R72MLGV6JRpm3mDgBJKbGfB1hJ046ViLzqD23e8q2LK4k9QhmaV34rZ7F2WDV-hwVEqGUh5H-v0WeMmgmSbOh5PKnDZKyc6vqZWVHGllHoym4GMXwJtvaxXsdorFd6HIG28d3b9YmKfr00p0GfOQbVfM2jbmSK-TvbIAYS2FEXUwxyoWZ379mnhxYe3DqYo&sig=Cg0ArKJSzM-Ei4iSmWRhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=439&cbvp=1&cstd=437&cisv=r20220808.18679&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 10 Aug 2022 06:28:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dpixel
cms.quantserve.com/ Frame EB31 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPivLwKD1_iaKXHlQEVk1MU&google_cver=1&google_push=AehlK4BKQaswTnxHlgW1FTeVbhuz1ElLXZ_DXAYeQ7jZ2aq92aQHdqtZCFJ3_toW7GJJ8mwzYvjCitvXujCipuVTaWVmc_So-X0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB31
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEPVUOOG8pdv20jATPz7cN-w&google_cver=1&google_push=AehlK4BaCmyzYA80_Z0vajnse2Hq9xU-xZJ3qTGiSVJw6TmBr8HGdvbgKhWmqfI9YNIMZSxlYxfv72Una_Nbd7G5sentjCXsWz0
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BaCmyzYA80_Z0vajnse2Hq9xU-xZJ3qTGiSVJw6TmBr8HGdvbgKhWmqfI9YNIMZSxlYxfv72Una_Nbd7G5sentjCXsWz0&google_hm=Q0FFU0VQVlVPT0c4cGR2Mj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BaCmyzYA80_Z0vajnse2Hq9xU-xZJ3qTGiSVJw6TmBr8HGdvbgKhWmqfI9YNIMZSxlYxfv72Una_Nbd7G5sentjCXsWz0&google_hm=Q0FFU0VQVlVPT0c4cGR2MjBqQVRQejdjTi13
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 06:28:44 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BaCmyzYA80_Z0vajnse2Hq9xU-xZJ3qTGiSVJw6TmBr8HGdvbgKhWmqfI9YNIMZSxlYxfv72Una_Nbd7G5sentjCXsWz0&google_hm=Q0FFU0VQVlVPT0c4cGR2MjBqQVRQejdjTi13
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame EB31 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEErAD3N0k7HaXO-UXDP5Unk&google_cver=1&google_push=AehlK4Axoa7FQ3t03C23GAKjGeWH9Qi8fYZ-GB-YKaQjgHOm12TlLYvTUqaXnK1sSKNE1dZ1-cQYXqtxt9jw1n4kua0jv95iew
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
i06h3oafka4abmrrar1717aqce2ibqga
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame EB31 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOD3a1EbOnsdIaRGrcSYpNs&google_cver=1&google_push=AehlK4ARICo7fupnV4tPn-R6Z9F4rLY83XIUAIn5TOKIes5-AG2QnoxgmBpm09WPkBcQx15vykxwwi2FMpYKIk44jhlXemPf4Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame EB31
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIm7g_5fjSM5Y_kt-9aBI58&google_cver=1&google_push=AehlK4Dr3l5yS21D7iO4K9xqDn-i2vqoo1SynTCsljDBvzegHO5eQnj8cAQ5P4IQs6Ofcfm_pbd...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOOERFVVMtUy1GRTVP&google_push=AehlK4Dr3l5yS21D7iO4K9xqDn-i2vqoo1SynTCsljDBvzegHO5eQnj8cAQ5P4IQs6Ofcfm_pbdXbvTKO1sT977vzExwaTBtLzE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOOERFVVMtUy1GRTVP&google_push=AehlK4Dr3l5yS21D7iO4K9xqDn-i2vqoo1SynTCsljDBvzegHO5eQnj8cAQ5P4IQs6Ofcfm_pbdXbvTKO1sT977vzExwaTBtLzE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOOERFVVMtUy1GRTVP&google_push=AehlK4Dr3l5yS21D7iO4K9xqDn-i2vqoo1SynTCsljDBvzegHO5eQnj8cAQ5P4IQs6Ofcfm_pbdXbvTKO1sT977vzExwaTBtLzE
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame EB31
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIrFWEFZvCbPUcmk-woFNLs&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIrFWEFZvCbPUcmk-woFNLs&google_hm=YvNQG2SNzLmPXUfux7me6QAABGoAAAIB&google_nid=index&google_push=AehlK4A6LPGwxzvufO8lgqUo4px7euGEYVv3a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIrFWEFZvCbPUcmk-woFNLs&google_hm=YvNQG2SNzLmPXUfux7me6QAABGoAAAIB&google_nid=index&google_push=AehlK4A6LPGwxzvufO8lgqUo4px7euGEYVv3aKNTwbU6V1NN37Shej9UDGTsKJVUaxSjWtnwC9qWjoE8t9_IMszpbRuqmMtbLA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2F97UpV1%2FBLP%2F3RZpt9tIQk9rH%2BoC3b69%2BuJp7%2FRxBiabOQjPeQxtwwqU7A4n6L4AxnMGYWd2%2B0O7Xt2Hyy%2FF8nAgtf5uCAxSkdXK1Rui1pwXlkQigOHuNCp2cCZkoiHA7F9jHMhzrmZSA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIrFWEFZvCbPUcmk-woFNLs&google_hm=YvNQG2SNzLmPXUfux7me6QAABGoAAAIB&google_nid=index&google_push=AehlK4A6LPGwxzvufO8lgqUo4px7euGEYVv3aKNTwbU6V1NN37Shej9UDGTsKJVUaxSjWtnwC9qWjoE8t9_IMszpbRuqmMtbLA
cache-control
no-cache
cf-ray
7386ac53a8f468f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame EB31 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHw1o4JXJNGhNETCNrlC-zo&google_cver=1&google_push=AehlK4Dx_lFDIWeUKEw_m6YDlZ1Pn9p3GSeMWbCgIqbgCrRkXeNd_Q5VKuio1NJoLzVb_YNrNaUKrOG5_mSMSn4goBEYZcrdvw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:45 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame EB31 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_s7o2Na81MGj_AZkUKRWtLXckF1jH4vkm4g0n-NQKrJiVIgP-FIJi9ModRBYMArjy9mEv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
s
googleads.g.doubleclick.net/pagead/drt/ Frame 46CD 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 20D5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1640
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 20D5 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:44 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame BEDE 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1576807414729870166/Heroal_D_72_970x250_DE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 10 Aug 2022 13:42:57 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BEDE 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1576807414729870166/Heroal_D_72_970x250_DE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4775
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 11 Aug 2022 05:09:09 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EF6A 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 0590 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COPE2MjSu_kCFTkFewodOZYAdA&gqi=G1DzYqLeFtqIgAec47e4BA&layout=/sadbundle/%24csp%253Der3%24/13842806366495536883/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D33E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482559
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Aug 2023 16:26:05 GMT
truncated
/ Frame D33E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ecf8a9950fa915a5edb0375000dee72ebc2685054c865a72ae9cb0a0b43a4a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 20D5 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK-a3MjSu_kCFdjOsgodMbENtQ&gqi=G1DzYrjGGpP4gAez_Y7YCw&layout=/sadbundle/%24csp%253Der3%24/4990041485613105039/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 0590 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86a9b3cd983d408fa76352ad037930e1d281ae9116dd6fe378fb0092d53f9615

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
gen_csp
pagead2.googlesyndication.com/pagead/ Frame B783 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK-v3MjSu_kCFZPw7QodGcsBRA&gqi=G1DzYs-WG9HH7gPJ-LSgAg&layout=/sadbundle/%24csp%253Der3%24/1576807414729870166/Heroal_D_72_970x250_DE.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 51B3 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 10 Aug 2022 13:42:57 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 51B3 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4775
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 11 Aug 2022 05:09:09 GMT
e6f40d138158e41bbc4290d1d8f9ae48.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/ Frame 51B3 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/e6f40d138158e41bbc4290d1d8f9ae48.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
151533
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22268
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Mon, 08 Aug 2022 12:23:11 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 12:23:11 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 034A 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame A0FD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:59:14 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2CE3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:44 GMT
expires
Wed, 10 Aug 2022 06:28:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:44 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame F472 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
72176
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 10:25:48 GMT
expires
Wed, 09 Aug 2023 10:25:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C718 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:42:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 10 Aug 2022 13:42:57 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C718 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4775
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 11 Aug 2022 05:09:09 GMT
321b20d6f1e1117231f20a0756ab7cf6.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/ Frame C718 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/321b20d6f1e1117231f20a0756ab7cf6.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6ab4f9a3174d8ff5b06299a2694497bea1d78f277f2720f203ecbe21d7d623d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
285847
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19325
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 11:27:37 GMT
server
sffe
date
Sat, 06 Aug 2022 23:04:37 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 06 Aug 2023 23:04:37 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D493 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Aug 2022 06:28:44 GMT
index.js
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/ Frame D493 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6e080e881e29a77d25b2707d3d130d52bf039080f439ffe7618ed9ebe5c0d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
548757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4226
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 22:02:47 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2503 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgpdyr6ulA9tdttpbJ2ABGq7m3AGXeB0qdqBXclD8JCV2D4_LUNxPBdawClkWnEu9N5j6Eim6OJne4J5XXkheVjJ8hW7dVHxL37snA7dkZ2bWLi6ysNuGOsbqlep6i2cHl25USViSCJOqAofBWX76CfQEqM49rZId9fuhIutQEPiY&sai=AMfl-YRDRsB4oAs3QAcRowkI6gpSbiGjbMsGfZRGYuGEwBPFFsieo764qt183A5NfxEafooyVTz_dX7fSttDVR2dVE15gUCclbqAsLs&sig=Cg0ArKJSzEAUB2zS7DpwEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame B783 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aacd82f3a6e0e9b82a08788d517939b088afe0e7bcbbec1eb371f7cd79eefbd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 83BB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1771
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:59:14 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1E06
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
expires
Wed, 10 Aug 2022 06:28:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:45 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 94D2 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 4907 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4907 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 3B04 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1771
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:59:14 GMT
passback_160x600.js
static.adsafeprotected.com/ Frame 4DB6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_160x600.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95e9b520e4fa4708a1c77240f74659b7964412a25f37c656cb1cb05cfed6b324

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 23:06:35 GMT
content-encoding
gzip
age
544930
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:36 GMT
server
AmazonS3
etag
W/"e27cc778cdbd4fb2ab2c39d090d5c119"
vary
Accept-Encoding
x-amz-version-id
8Lk6nwqXh6k6nfZmyjbOHVq75QkTtjZi
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P7
content-type
application/javascript
x-amz-cf-id
vTBCc9KLtzjkibenioGCTqV7_hUzpJAwfEyR9dyW4si10KQt_X89Dg==
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3F50
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
expires
Wed, 10 Aug 2022 06:28:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A633 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0690a9f47a388fcf00b536d62844d0c94513e0cfed499683222d71f1ece6bcb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F537 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
482560
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 16:26:05 GMT
expires
Fri, 04 Aug 2023 16:26:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame A240 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
62439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:08:06 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame A240 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85b1dd00466b81ac688c61c8f9e5c5fc8c45e3cacbee1476cc9f51c2f0fc2668
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
154243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2191
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
server
sffe
date
Mon, 08 Aug 2022 11:38:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:38:02 GMT
txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame A240 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/txt1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa92fe5dfb6eb1e1d79ab08a1ebb220a92493c6702846f9c8a02f0d785da132c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
154243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21978
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
server
sffe
date
Mon, 08 Aug 2022 11:38:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:38:02 GMT
cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame A240 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/cta.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3f8b5ad6cfb1808cab74534896a3513105461c56516031f7799eff9f0768be6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
154243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1150
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
server
sffe
date
Mon, 08 Aug 2022 11:38:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:38:02 GMT
img1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame A240 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/img1.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b2d712c45710fbfb6b4afb6291497785938fe80eada67ced184a4e81261d80c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
154243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29768
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
server
sffe
date
Mon, 08 Aug 2022 11:38:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:38:02 GMT
img2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame A240 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/img2.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20529ace0ea3b33a1657c81a45814e8a9bf4090d35396b62b5ab65ab4e7fb1f9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
154243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30035
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
server
sffe
date
Mon, 08 Aug 2022 11:38:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:38:02 GMT
img3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame A240 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/img3.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1da5d7eb848212173820b2f28da139205d7a6e379552463ca2bc958a6ca343b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
154242
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37033
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
server
sffe
date
Mon, 08 Aug 2022 11:38:03 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:38:03 GMT
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 4907 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMbi4cjSu_kCFUSIsgodCSIGuQ&gqi=G1DzYt2PII-2x_APxMWC8AE&layout=/sadbundle/%24csp%253Der3%24/5452420620895986848/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 2503 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=11b4b122-8bbf-1083-a49e-fb935a4ae0d4&tv=%7Bc:kRO1Ey,pingTime:-10,time:1042,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660112925205%7C%7C46e0262b875522ff65b1d69b021b5337%7C%7Cb4bf91f622d70e9512a166bc36c81122%7C%7C55f75b8950aa9b397cdb1ef35a6a32ec%7C%7C951d21f18e2ca4a782defcfa312d47e2%7C%7C2c5b5103f888623b04925e81cc59b286%7C%7Cdebc3b69396c30c2d7e9841634acc532%7C%7Cad0efad646abdef813bd4e81fd1e8768%7C%7C1629390669,im:%7BpWait:153%7D%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1660112923&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=608&idt=362&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600%2C336x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mE4KS0So69&p=https%3A//www.farfeshplus.online&dtd=366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 06:28:45 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame 9DFF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
62439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:08:06 GMT
truncated
/ Frame BEDE 		121 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9768390e63dd0e69cda6a0195e127c6cef278929dbe93bd64c811086d708c555

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/jpeg
si
googleads.g.doubleclick.net/pagead/drt/ Frame B404
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
expires
Wed, 10 Aug 2022 06:28:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame A0FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6CIzQ8DQWu6OUQjpPfcJzRkHtAMnOFgOzbFMhYyNTX_d51iWsYeKKRAcTeOanukLhstLXSSAvQdaJH1WQXzgiFFCpHg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
pagead2.googlesyndication.com/bg/ Frame 4D0C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 12:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
236290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14039
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 07 Aug 2023 12:50:35 GMT
cta2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/cta2.png
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9513781c4f234afb112e19cd27a1559181c12ab88f286edccdbe1ad47af11d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
507932
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2333
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
server
sffe
date
Thu, 04 Aug 2022 09:23:13 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 09:23:13 GMT
cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/cta.png
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d8d2edfda89260c624baa30f56ed31c8243343364078c45be228897dfa0fadf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
28821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2047
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
server
sffe
date
Tue, 09 Aug 2022 22:28:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Aug 2023 22:28:24 GMT
title.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/title.png
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10e4dc131f719bf4ce0093e1682047905563c54c331d00d47614d07fd7a553c0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
507932
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2720
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
server
sffe
date
Thu, 04 Aug 2022 09:23:13 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 09:23:13 GMT
txt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/txt.png
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec8d94b4fc714cc3fe9c80e6f3c504a275d594de8aac68c22b89dad97bd7a919
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
507932
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2590
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
server
sffe
date
Thu, 04 Aug 2022 09:23:13 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 09:23:13 GMT
splash.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/splash.png
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d1b0b20f828bfc30a28d955358f5365617fa9a43d1b4b4899ffb4bcc58ac1a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
28821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12084
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
server
sffe
date
Tue, 09 Aug 2022 22:28:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Aug 2023 22:28:24 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/logo.png
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6542d6957eb2019397fc494426e9dcdd6dd4e36ef7ac5543975c0f46195684a1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
28821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2141
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
server
sffe
date
Tue, 09 Aug 2022 22:28:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Aug 2023 22:28:24 GMT
dust2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/dust2.png
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38d0f5ea1cf620acf5dd9b7ed2d362684913db9d367e3cbdb3c2ffa8a1ce0846
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
28821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7198
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
server
sffe
date
Tue, 09 Aug 2022 22:28:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Aug 2023 22:28:24 GMT
dust3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/dust3.png
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edfb87037c9b1119a254db457e60d604dc1f3ddb366127fbd8f3571bab693066
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
28821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7721
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
server
sffe
date
Tue, 09 Aug 2022 22:28:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Aug 2023 22:28:24 GMT
dust1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/dust1.png
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f99bb0292828d2a14de5f044b9736fdc037567686c76892785dc443d0644b68
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
28821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3751
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
server
sffe
date
Tue, 09 Aug 2022 22:28:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Aug 2023 22:28:24 GMT
rahmen.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/rahmen.png
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eee0942126b19590f3f73f1adab415019273bd7fb86963c3b3bedec3a9a971b2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
28821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3962
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
server
sffe
date
Tue, 09 Aug 2022 22:28:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Aug 2023 22:28:24 GMT
bg2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/bg2.jpg
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad3833d8c1c354d0eba5c33a4ed269b580316a98172c44a7eb46ceb09e755f59
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
507932
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24977
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
server
sffe
date
Thu, 04 Aug 2022 09:23:13 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 09:23:13 GMT
bg1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/ Frame 4D0C 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6379025172620985042/bg1.jpg
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
674910f918d7e1679bc0405ce6f19495c7e4cb463af2f81ec96ae604161b9a10
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
507932
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20884
x-xss-protection
0
last-modified
Fri, 15 Jan 2021 16:38:36 GMT
server
sffe
date
Thu, 04 Aug 2022 09:23:13 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 09:23:13 GMT
csi
csi.gstatic.com/ Frame 496C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l6n8de55&c=4850074243342&slotId=2425037121671&qqid=CJm20cjSu_kCFZaodwod-LkC_A&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=7&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vast_v=2.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=FTPrivacy&icdi=16x16&vmfc=8&vhc=0&ccc=0&msm=1&aits=0&webm=0&vp9=0&vamt=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=true&vms=1&bit=0&umsem=0&met.4=atrd.yj&ape=1&ple=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220801_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A0FD 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bab49784fe3dbfb8041d19939acbddae364f78ba5884ad9fbf6b48ee8062afe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
IAS_PassbackAds_160x600.png
static.adsafeprotected.com/ Frame 4DB6 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_160x600.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:5400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13340dfc25a96d245772fb41c7aa01c32723b80d8dd8240864b747610d2ff745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
Ax9g4_p37qT.TuZCPzwZssuxM41dY1J7
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
etag
"eef84d4a7321b73260b41707db98756f"
age
343964
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
16777
last-modified
Fri, 18 Feb 2022 23:28:48 GMT
server
AmazonS3
date
Sat, 06 Aug 2022 06:56:02 GMT
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
x-amz-cf-id
Flc29D_leaWqjTcuZyy4rLNUQMjS4njs58Usb5p4wV-DpyCRblBJLg==
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 20D5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1771
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:59:14 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 46CD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
expires
Wed, 10 Aug 2022 06:28:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame 83BB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGGwIbojnhAprpQeSvVIOqTseeEutkmi6_hcFl1IQerWeufjCoLVxw47RLRUG8sQJsnncWix2BDP7WRsnMZUmhTHsJoA
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
pagead2.googlesyndication.com/bg/ Frame D598 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 12:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
236290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14039
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 07 Aug 2023 12:50:35 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EF6A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
expires
Wed, 10 Aug 2022 06:28:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame C718 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400|Roboto:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/321b20d6f1e1117231f20a0756ab7cf6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 06:08:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 06:28:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 06:28:45 GMT
83ac4927bd457a6c0d725d2020a9152a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/media/ Frame C718 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/media/83ac4927bd457a6c0d725d2020a9152a.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42602978c9a802fda0871c82889b18d2754e5994fd904863cfca17210c1932c1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
285848
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4434
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 11:27:37 GMT
server
sffe
date
Sat, 06 Aug 2022 23:04:37 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 06 Aug 2023 23:04:37 GMT
56b43f72be8b6be639cdd483e7f48c12.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/media/ Frame C718 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/media/56b43f72be8b6be639cdd483e7f48c12.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
985a75678aeb2265ad5871fa4e1bc207eefa788e1d5a47bf5dd848e3d9847765
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
285848
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1314
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 11:27:37 GMT
server
sffe
date
Sat, 06 Aug 2022 23:04:37 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 06 Aug 2023 23:04:37 GMT
274674026d8dd2c5d812b10082d42630.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/media/ Frame C718 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/media/274674026d8dd2c5d812b10082d42630.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a61c6bcec31dfb6363ab2bcd0cc1a3712e541af485f81ce2dbb891868d30e80d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
285848
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5569
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 11:27:37 GMT
server
sffe
date
Sat, 06 Aug 2022 23:04:37 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 06 Aug 2023 23:04:37 GMT
a5bf343fc0690061d886f0354836e6c1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/media/ Frame C718 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/media/a5bf343fc0690061d886f0354836e6c1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5452420620895986848/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae5abbb0a526cf58dde037e49c8ea8f804d50d751e45e4314bdb3ec0ae31925
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
285848
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4160
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 11:27:37 GMT
server
sffe
date
Sat, 06 Aug 2022 23:04:37 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 06 Aug 2023 23:04:37 GMT
truncated
/ Frame 83BB 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cad3ba09310db42c8436baf0d6e4d01718445c837dde31e41bdafd5e8e0f291

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
bgrd.jpg
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/bgrd.jpg
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7310148aef9b5a6415c86ad58145e45ca053cb4dd04ee071a3840355f955966b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 12:08:04 GMT
x-content-type-options
nosniff
age
238841
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8938
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Aug 2023 12:08:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D33E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaSsTddMDYUGKPFcbVy-vuBhCQwlwHLfJR82GIqdM0vXYnq5WN8hlnIVf5bZUCSaA334f4GCqnalcbVzY3XMM0ihvumGa-PREIBoqeXQl7_pmre62wNYhUZuSv7S0trQLp2-4_engtl_mx6oN263y-ric4oUmY9HeG8t_A4tmVKPvhHwh7dMcRlcckVXQQBQnpDLpk7Ab_-537c1u7ZN4hVS6t6aCYO7PjIk96Q2fFBBIaYUIiQAm81Doym2dus_vuAKHaRFQPKy2Vf-EJH1Az977jiiZw92Lcow7FKwonDWvK41qaLiukbdx5Y5clE9siBZfyDJ38S8HSg5kjL6v2JdGU8ujFEem4ZaXoAoVTG8jO0yNbmgJAKk3xr5KMU1EYFthY3xBQgO0k4t7-_sj2B3-NIV-GErCEoEvyLaQugGVEUiJ57iEjeIOqRaYJwvjnIcy2GKLSECzmMnK12RA8GpXMk3rZS0GdAJe5t-R56Diru3szaCldk8gSNNpjl-Ci_dCvczDv-I6cST2hQ3bgRr5pZZAf0eB-Xq16fnc3Hdv6XXlbP9fqxyzQugicJ6L3w3NZDhBTpOeDUVi3PEejdmboNP3Pp6-BEZE8_sU-lBT3LC-v6lmlh1Sl_rhkP-sq8c7mPFecqKxN5TGZEmiiT2PHBVEfXkk7NTTXV2b8-nCh0bsR8oeysmyT-wEYAVMokmdCgyWzNSdLcyffSGP5ZvwK4UahDM_hkSjaUAtgHuVutyP1wg76V4kwzluOCCWxdz9N4S1EC1viR3SQh7SU3YEFOflZkS_lVhfBlqSAy6_ADMhBe5qCgSIDhxGzz6QhbpWXDL1UQtF3juq3TAaZiq6YP9qXRbXoBXIcxcT5_Ugdadmzpk5Rhr9tkAXORutMFt8ZMKdwMNnFivE3g3boAN4u9K0d3eWMMHBBGHzcaXJjDWnX-fNNtsUhlWaaXTkj7RqA9RXN4MynhiXLh7cYhK_h65o8Hg7ROAx-YkfgwZBW7Tr9ZhTrwba7edgtnk_2NQOCaePLIS4W8dsq723OYVO67SIsDgIlpLCmcVGmicoPFF3JXB7DDRwqN0fIFXoqeLkIGWkZRPyiNKzKt70bpb7sFePw7gJwUud93EkRAcU2QA83s-Y51YfiXxZcqXYJuYtGm1KhnOZSs_7FXp53CUue3GWpDJ0ozeZfHvkdru8eIXKN14I9q9ebY6K9JNu67HM3t3C7jPiQv1mFm87z17U2k102uygTN9GDC-GUPqg9vAIkXlOuykylfjgCrMXPH5NBWceKGyE720KxOlwUzXl0eU3cgSmdmxiP&sai=AMfl-YQ0XKIPAuuPFzLY47rSsVtaTmiIMlO8R72MLGV6JRpm3mDgBJKbGfB1hJ046ViLzqD23e8q2LK4k9QhmaV34rZ7F2WDV-hwVEqGUh5H-v0WeMmgmSbOh5PKnDZKyc6vqZWVHGllHoym4GMXwJtvaxXsdorFd6HIG28d3b9YmKfr00p0GfOQbVfM2jbmSK-TvbIAYS2FEXUwxyoWZ379mnhxYe3DqYo&sig=Cg0ArKJSzM-Ei4iSmWRhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1164&vt=11&dtpt=725&dett=3&cstd=437&cisv=r20220808.18679&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/ Frame 3B04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1eWbzs-tQGuAnSP_0fy6hhcx41VQ0JZeYTDa4BEVbXIKpRGr0CG9IT7z8snSLTIU6SI7oxfELnP5ctcLY2-uxZkOp1g
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 034A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
expires
Wed, 10 Aug 2022 06:28:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
pagead2.googlesyndication.com/bg/ Frame F472 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 12:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
236290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14039
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 07 Aug 2023 12:50:35 GMT
truncated
/ Frame 3B04 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
097c32160654c300579bbdace63ca035c075ec78e42182b54161fd7fa02ece96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 3EEB 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C8xsuG1DzYsL-Hp6SygWIhbSoBrCB49Fj3djRv7gOp_3SjdElEAEgrYmDJmCV8p-CsAegAbiE5PkCyAEJqQJPLqKnuUS0PqgDAcgDCKoE9QFP0Gvi_fdy4iIQ-p24DWbJCaoE-hqoCXFDjDyRMYg6anEuZ1OJpuW0mCLFO0v0VvhY3jGFv1jh5owsozCJysxgadlvODxSx4p3-UVXsD7ZiLIVWd2e4SI3TAUGlcbM-H3AQqK-zzpXyckgeZh4c66tIhl7JC8N_dZNxgM3zkQl3oOO8XgmaD-djGVHgGznXrGi3IShgf0zUqDIgNl2sVWmHqTpgl7IpwlryUVj1KoZOPYeAmqF7S0RaJ7AjrNU079ehfRbSVU2bf508h21Mbwhg-XcFas7wQOHV16OGaTp1xFN7I1hmXQRtbu367ES3qZfYT86csAE0pif-NUDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7D7m4YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQjf6rA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTYyNjYzMTMxOTAwODcxNzMYAA&sigh=fnlBwPfGpds&uach_m=[]&template_id=419&cbvp=2
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3713237092&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922975&bpp=3&bdt=637&idt=491&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=963&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=ip6Eyayggw&p=https%3A//www.farfeshplus.online&dtd=493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 06:28:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame AF14 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
62439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:08:06 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame AF14 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85b1dd00466b81ac688c61c8f9e5c5fc8c45e3cacbee1476cc9f51c2f0fc2668
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
154243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2191
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
server
sffe
date
Mon, 08 Aug 2022 11:38:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:38:02 GMT
txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame AF14 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/txt1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa92fe5dfb6eb1e1d79ab08a1ebb220a92493c6702846f9c8a02f0d785da132c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
154243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21978
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
server
sffe
date
Mon, 08 Aug 2022 11:38:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:38:02 GMT
cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame AF14 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/cta.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3f8b5ad6cfb1808cab74534896a3513105461c56516031f7799eff9f0768be6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
154243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1150
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
server
sffe
date
Mon, 08 Aug 2022 11:38:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:38:02 GMT
img1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame AF14 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/img1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b2d712c45710fbfb6b4afb6291497785938fe80eada67ced184a4e81261d80c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
154243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29768
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
server
sffe
date
Mon, 08 Aug 2022 11:38:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:38:02 GMT
img2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame AF14 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/img2.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20529ace0ea3b33a1657c81a45814e8a9bf4090d35396b62b5ab65ab4e7fb1f9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
154243
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30035
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
server
sffe
date
Mon, 08 Aug 2022 11:38:02 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:38:02 GMT
img3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/ Frame AF14 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/img3.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4990041485613105039/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1da5d7eb848212173820b2f28da139205d7a6e379552463ca2bc958a6ca343b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
154242
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37033
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 11:12:09 GMT
server
sffe
date
Mon, 08 Aug 2022 11:38:03 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Aug 2023 11:38:03 GMT
css
fonts.googleapis.com/ Frame 51B3 		2 KB
540 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/e6f40d138158e41bbc4290d1d8f9ae48.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 06:27:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 06:28:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 06:28:45 GMT
5d2621bd596ef5c2c83d009be66f5432.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame 51B3 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/5d2621bd596ef5c2c83d009be66f5432.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1b041f5710b8d2adc88aa7ee849409cfac64f18cab33a2c4b83de35844a016d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
17821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13530
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 10 Aug 2022 01:31:44 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Aug 2023 01:31:44 GMT
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame 66A3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
62439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:08:06 GMT
sale_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/ Frame 66A3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/sale_white.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53d26929d0a6cf2e90ae51ade0a15f1f45a3cd017631322fc7391b58b5fecaec
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
410335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4349
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:35:12 GMT
server
sffe
date
Fri, 05 Aug 2022 12:29:50 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Aug 2023 12:29:50 GMT
sale_red.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/ Frame 66A3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/sale_red.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd24b34a27fce760fcc344b87da4de9b4a4f810cf6c9437364927561e258b77f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
410335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4353
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:35:12 GMT
server
sffe
date
Fri, 05 Aug 2022 12:29:50 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Aug 2023 12:29:50 GMT
logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/ Frame 66A3 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/logo.svg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e88a703cd40665a296900c9537430c82b36789465ea0ebc48122cc8dd9904bd7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
410335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4005
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:35:12 GMT
server
sffe
date
Fri, 05 Aug 2022 12:29:50 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Aug 2023 12:29:50 GMT
CTA.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/ Frame 66A3 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/CTA.svg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca5848863da2330453f1a6408a3e94623c50877ae30d7f4f7f17d7191007a55
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
410335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2878
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:35:12 GMT
server
sffe
date
Fri, 05 Aug 2022 12:29:50 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Aug 2023 12:29:50 GMT
background.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/ Frame 66A3 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13842806366495536883/background.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9d65ad68b624600c52b7918ca6de659f9977728a62cf7f86c618cc0057c02bf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
410335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45644
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 15:35:12 GMT
server
sffe
date
Fri, 05 Aug 2022 12:29:50 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Aug 2023 12:29:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2503 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu36kavZsITuuSa1w6pzhch6p7bDZg2e5pVkG_zp0bRlMZrQj003LTr7LJPND19fp45zWR7HlHCfFNayzX6mcF2mQQNeprB9BeR5uvp1vM7EG_HqdP9MT-_5PLgULnxVcWLVJbb2DnEnArlJ93FEvhA1NP-MBoAoXN07ObzmVZGwuJZdjvBETGhcTxTMbyeaJsLr_LcC7fFjJ9XEAPjnrMEdcrSQa1_i_e254C01BQPel3AoEtXpJH17T0fGriado-pwl00gtJ0EuFp_FX1cstaTlIzSIhfwrdgwys6RYGgvBP68zqH4UK7Fmd3NXSYyKgC4DrPp46PuQXhRUMkRcorARvOSklsVntQghjwcCbt-XFHtNMg5M1ZOv4AbiZd_gAZ-_8O9rIirwuEc3pA32Vi2-PYpW94fV5qzni0tg27jGzzQKA2-7NbsxVgVFz0HLY52JPypd-Adp7Ancl3p2ARGtjt40AzxZJ9TQw9rZKIQzIvCCP6EiQpc1Krlflbi5m-fzIZXjd5brQRqpW-eUvOukY1L5UZQkzGJN1ELiOdP2auZKuX9BRw4TFfuXzidcC_ZaM5Gr5XBAWSbrVyuz3fYRytt5RuOaEfSYAq9XKHJuBk5ocp1UTCa1hYx40PcDwITAOjScZET6Eax7HojkatwvjzSGkNtMzmcC9x4Rw_sE_bSYnxb59wHm9wECdmC9JpaKywjNHL1iqrumKOtqVekCKNyIiIIvMvvKhVJw4tYeNzwyahGApJ3CdhyUSsQMBKrTDGpGxZZBK1-orpwySrcY7vs_9L1pHy5u5NsAp6dcmoxHg3oIAZOMObQqYRzMullVWx9AAU2GrZ3Mn0jEwMbeVrchzk295f0g5LnW_uRQhAgzB-K3V9TYWs5c3KbSX_CQ2OjKj71qj2Qw-JBwsi65NXfz4o-zOZx-dwzfTzbqTXThcwhvsnU3dNn4Bc8WZbr4-WTEcgooxEt8LSqJQ-gbSN17v2vhXgl_5yS2LL7ERCRUYYmllG4x_rS6GGScXbI4SuDliPIis1cKD68a4ORAGy2ocW3bs5dNsQGFJcRCt34qnlaFp7LPAyj56X2vQsbzG0NScuMwqnr2egIfzQ6lGqvvRUz2XtQBS4XcxK7xNB2Nf1nvAaQPlY81veBBusKbG0VMGAGFfalGw_M7q7J0CtJkmYs9rnNMvsEzRxwhq0tWliGK4H7M-jDR0K0jICe-jY2NQhXakEaSHh-YtvlF0XkAxTfzQ_r3QYs-xStZGfP718-FUNtwfxrsQcYnf4nS7WSljUqdQUJvwa&sai=AMfl-YSsn1rD9ELnQ578h37VA34f-GEqnUJbkk2GLhqwXUUwkrLDI-SL5vnsA-W1RQdBHw_6T_KXD8tZlBdLfzWjtKg1GPgfNTerQhrS6DggX52GJ0Tt_dv_fYqsgW-6yA4reEfsQ0Z4YttSaDluc4o-Yg--de4yEQ&sig=Cg0ArKJSzMUsbW999DhbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1716&vt=11&dtpt=1435&dett=4&cstd=275&cisv=r20220808.72535&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 4907 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1771
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:59:14 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 94D2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
expires
Wed, 10 Aug 2022 06:28:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 06:28:45 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
btn.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/btn.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30f634e5cee1ff5942cb19c0667435e895c64969f3c9dbab99b06b83d218a924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:02:47 GMT
x-content-type-options
nosniff
age
548758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1420
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 22:02:47 GMT
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame F537 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
62439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:08:06 GMT
truncated
/ Frame 20D5 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9c35d8c4b6d3f6fb7342dd5b1d01eeb7fd5e23d1c2fe37d3e7a462b74bcc5bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C718 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400|Roboto:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 05:29:41 GMT
x-content-type-options
nosniff
age
262744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 05:29:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C718 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400|Roboto:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
512814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Aug 2023 08:01:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 51B3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 05:29:41 GMT
x-content-type-options
nosniff
age
262744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 05:29:41 GMT
391f7a7a4277d1f9d837ec833bbc3a24.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame 51B3 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/391f7a7a4277d1f9d837ec833bbc3a24.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ac456c259cc6079c8419221cfa83da523d6ac408e5b805a2168a7795924b4ad
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
17820
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 10 Aug 2022 01:31:45 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Aug 2023 01:31:45 GMT
bubble.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/bubble.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c409f494ee43633c5e2caaeac201b20d165c0bf295d05133ceaf9ac385cab97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:02:48 GMT
x-content-type-options
nosniff
age
548757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11555
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 22:02:48 GMT
l
www.google.com/ads/measurement/ Frame 4907 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTl1NmMGXsaPFtR2tgXOEE8y-Dx03OpDS-R664FogVLv8neWjFSvUYGqSi8jKwa0KyhwZmd2MsuO6d17q-BlcnahMyvVA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
truncated
/ Frame 4907 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ace12dd025e2b8563461e7165f2b30188459a6b2d8cba341114e13abf9bf578e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame BEDE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
62439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:08:06 GMT
dieter.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/dieter.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7d6728628ef211d3b30f62aae45ab63fd79dc5ab17ad2dcf6f1bbce1268700d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:02:48 GMT
x-content-type-options
nosniff
age
548757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5444
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 22:02:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220808&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecf03e3ee3620756fd88a58febebd41416c102e60ccc5325f5da6f5150cddec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11054
x-xss-protection
0
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame C718 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
62439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:08:06 GMT
h1.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc7154e7e7fdd3d5dbc82764f1a95a5ed863553b8981324adc409172e2e90184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:02:48 GMT
x-content-type-options
nosniff
age
548757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1167
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 22:02:48 GMT
3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
pagead2.googlesyndication.com/bg/ Frame 51B3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 12:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
236290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14039
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 07 Aug 2023 12:50:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:45 GMT
h2.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		691 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e6d5cbec4fa0435b5307accc162df34fff6f4eb29050eaf1bc2ce28e2c4cdf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:02:48 GMT
x-content-type-options
nosniff
age
548758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
691
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 22:02:48 GMT
dt
dt.adsafeprotected.com/ Frame 2503 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=11b4b122-8bbf-1083-a49e-fb935a4ae0d4&tv=%7Bc:kRO1SR,time:1930,type:e,im:%7BpLoad:1345%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1930,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B1925~0%5D,as:%5B1925~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:211,fm:te5qE9S+11%7C12%7C131%7C14%7C15%7C161%7C162%7C163%7C17*.886862-62195782%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h%7C1i1%7C1j11%7C1k1%7C1l%7C1m,idMap:17*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
nyidt.adsafeprotected.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 06:28:46 GMT
X-Server-Name
dt37.303net.pvt
P3P
CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 0590 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssq8Persw4qaW81Og_xFqK_P-Cpbl33XxboWcrUB5z8mhldzJ1F8pPEUABAxLMxuvXzb0sHOx89coYxhEkxtEvhBU466EnwnZCU9O-tjVLQVZJlO4rwIsNPEuIRXPTqW-mJBdi2xUDlJOqscebDFLN1WTsLecx1pcC64U5yMfA&sai=AMfl-YTfgAIYJb46nGH3PgyhdP-EUnY3Iki10oR6Ou7uhgnDbxll6NyVCptIVb0tRgs0vOQzeB6f_Q-Z3bW_1Q7Db8IoGt6Ppm1EHfCx9X6p8TUkFJU4P4Y28NJaR7d3&sig=Cg0ArKJSzA9x9E5tga1wEAE&cid=CAASF-Ro9DcbZi2ABUvwU8d4bF522ltR5Q7P&id=lidar2&mcvt=1083&p=0,0,600,160&mtos=1083,1083,1083,1083,1083&tos=1083,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1530395088&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660112924298&rpt=623&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3B04 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMOILWS5uL870fElMf9jKPfAa8-_s1rL0nB9uU4ZbGAWkQdIXANxSf_ucTC7cglu0uwsdjT3FrOqj-gBArRP-dDZ0iU569tLgEXF_OEgZQlr2WlWUo06Uadn6yc1SFUe_d0xkVp-9uxNLM&sai=AMfl-YTVjzQhwd-vUFZgdKREmeh7MguFhanMza0S2ftVcJ--y0bHv7NDX5TM0OBgZKpf1k3QtAlT49sBeBAn7wDfg-GOCcr2ubAusljRB8QPg7L-Pa6RPWyzHfmjzCo&sig=Cg0ArKJSzE2QhvWUhn9WEAE&cid=CAASF-Rov0Sh0obKOE3v4jaVlpoW9W5ZgtV8&id=lidar2&mcvt=1085&p=300,1440,900,1600&mtos=1085,1085,1085,1085,1085&tos=1085,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2962285566&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660112923819&rpt=1166&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
h3.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		826 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1785cd16abf8a5b653b566a70daae72ddda696445bd3b40b810d65137e23985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:02:48 GMT
x-content-type-options
nosniff
age
548758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 22:02:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 84E5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
39677
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 19:27:29 GMT
expires
Wed, 09 Aug 2023 19:27:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A8AF 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5de5bebd25e93e31f9670156cec4e6ced37ac5d4a98c8ec6b0068249ad7a29e8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nry23V2uS2wake0UWJmZ5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-nry23V2uS2wake0UWJmZ5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:46 GMT
expires
Wed, 10 Aug 2022 06:28:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DFF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BG5o6G1DzYvb1KMeV3gPhj52ABQAAAAA4AeAEAg&bg=!8_Cl8LTNAAZGjrx1Zo47ACkAdvg8Wo6xrmOPm-H4_Mb7EIgcMOjvfnsBhdGCQ1nYe0SxQitLkOXpmwIAAAIFUgAAAAJoAQeZAx3IRtZBnPmr14pcMNaItMaMp06FGWwiNE9JREKCzYuU_UKUAeM7aeMJvotVjTmj9ncHczQH6UpiFBTcasRNKb-P37zHZt4lPZWrqRqwZ0lD6DtYaMCR6kumT5-t6KU0C_zyrFfhE4OEEi790H-yCC_vHJm91hk6jVsq6hgKttaNKQSoQvDsMFephgZ7ROoLts5sMLzrK2zdcwWtFyflG45CvCmU61GuMUnvslpwL2JDkYjaDMtPODVMxs_P8fOvA8gEI4D8jNLi1g4807S7HDFOyevcV79Jj4kxpuBYq7TTO3y1uYd2eGX7Z7p5IZQV6nc51CZenwHq2GDQTLZnHn9g_R87aYQYVSIOWKMFtwjSYliSI6fgL1CXskZ-vJP7GC0UHJwpQgF632_SgPFTarRaw8aq3QasZ-MXVFleWHCZbTZmAjrkOZELjGvTEJgW9qDkpqtr6L1qNTBQebEO0JD4APWK-CGLX_he_pGE3xn2r8o_For0Oy-bz9-tkutA0hMSe1enUSogNVz1_btZixA3ETqxlAIegzp1tkoF1-BovvsXN4MxA6vTunuY-rYB56-5n73UEjrAKY5hr_pTAV77WK0iFLMCcdT_yNgpXpAcJn3hEclCBfdqgujlnDNCUyZnljvpJFfQ0hus8rOYGtWAWWtFFKjU9oBZPUUPbeJr8kLXzshgNoFDow7c6l0vAIWFIYfhebB5VUzLhGcgqPm8eysT5Hq0GjCk360i8BdmWt_fJa0yhPnF1yHCzQ5ASFZh1fsMRMjDtEnBhbj58QQXJwUfs4AkVMoWUw4QvmZYZIenvfHOLf2ixP0mM4dhCqnW9mXn4BRBRjwu-WuMNv4jjxe7_o6xwgGsrJyTkUDXlqbtbdQLUXlo7MCHmtDYAWeDy-UhDb42wkU8vPPLa2RD5LsgpiEFzAWp-wagnFjr5Oz279yPT3lAyMShvOxO5U-FiUKSomGLhkNP2pstNYaUq_ExBxrT-xJfwwDnpkrZSnNVoOWHoTHBs6XMec32ptaymHZeWcCe-G1DQ6MpfBlPYDJ2-7dVia2fl_EcuQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B783 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-xJAtnQzqS4CfFoMN5_2FmJymq9EUusJZEkxntTz9NDZ-uJTzkM7M4CTKXTjU1855vp4F7V0alVaNPjD7XIzJ7QSXF76UWJYbR8pTl5DY5GpfgXAE_c5CsbPLuoBJ92W_CHTPv4Puuged&sai=AMfl-YR4-vaPF_BO6Yu6kD7dFJVPboeEt0GaRIwDYr4LUkdi70HZhah_p_dixtnk5hZH4MnxO85-LM0XBDNZuQev5T7W4byWYPYGesblIurEZgwbvSpidwAwz_Gn5yo&sig=Cg0ArKJSzAhFz4zptudWEAE&cid=CAASF-RoA8fpaPTSxBWG6fSOuRD6DWLehNFV&id=lidar2&mcvt=1026&p=0,0,195.90625,760&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1067503192&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660112924422&rpt=616&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C600 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZCz4__W7ket6-Q_dENfmnPO0gnJbSeIbLlQNXWW6pQ0rL9yKhttiSK8l6S1XAs_2joRcHujEj1lNSf6zi9LMDEtzV-qYCzuo7XZEoRAmj6gaTbi3ghAr-2qVj0Mmw7dKxdhhKQefldkux&sai=AMfl-YTJjdetAx-rV806ns7Zchw7PQGKk3s_qc76HJSg-6FLQxUj2Zh6INltjQGkQ98Y_PxoetfEpXkakh8eQPIsMNfsK3N1Mcqg2XxjMil1cwt8CNw9SgijOynisQU&sig=Cg0ArKJSzOFfxu1N76KJEAE&cid=CAASF-Ro5vP43RLeUjjoakXGRdVnsSByBaev&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1081&mtos=0,0,1081,1081,1081&tos=0,0,1081,0,0&tfs=1134&tls=2215&g=100&h=100&tt=2215&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1704484574
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
h4.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		967 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h4.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27f35250bb878747b818e2264255e07ec6d3bb732f367a76769154f072fc4af8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:02:48 GMT
x-content-type-options
nosniff
age
548758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
967
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 22:02:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F472 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B2EfrG1DzYqHsOdXQmwf0m7bQDAAAAAA4AeAEAg&bg=!ra6lrurNAAZGjrx1Zo47ACkAdvg8Wm7WuZ50QZxYwoxhJZNmJ6JRhplzdxe-TUx4QThhfw_LEGNkYwIAAAHDUgAAAAJoAQeZA5Ch1P61XYNB7DQozsFRdLpXF191Wfr_CONJJWIBdi2PBfSyTXBwVM9CVicg31b_Sr-cREO7QLPxfIE_f3Oo63XfoUEl5vwEyA3q2xifpm8JXFyhdgtSl_eDPrFGkf2ZD8XSQxAhPIlBRMwYltbBUGgyY67gTwoz3-lIkwtxwMPO1PS1x01HTyoLGO5S5cHFyiFg4gxz1uJBQn5X_yVkDHN3_vznh4GiZiJLQgZ7D7xJGe72Imd8zI8LzVxRNCbBghx9RUDnl4WflEJiNb2PuOx8niqThj4j6hkns2ErdcvgWOS4x18-5V_kuWFXYKYG8KOdnsSmDpMqKC-Jq4fiDtMOUmMpENlG9cFBaG1roJtTJ5ch2ZmEAZFD7y2mXTRmB-r6XqFz3uNi6Hs_mKLAEKuL6e_-FvHFh75MQqZmubN0mBWevj1zEynL8VqmUY16EzW1VQYeQUeLujguWZFUMve1ZZU1LG0umK_M5A6pLxNkIDOfvUQGcgT44eKdhKP5-vetlC8KdOqYN0Q8bdogQaOTxUjUUWYuxooR6zUDXeBTGqiwQwLKqlJTNXe9FZUA9ogWqTb_V9WfY4C2QNWa88aSw6x7uCVeAGJ3-NEGDx2cibBV1vivZwCnAu4v-gl2fIPjnypi8SoqMyjPEFrZB0_O1kkU82NH-DcRUqC3LrETdBHhaz05uyytwV0uIsZEYLef1X2us_vZtaNJMDfmfxYMKACcKOcN5FE6dI07T2I9QYo_VBcbp2qTTH5G30Vn4YZ94zS5oWcR-eDVaaQqFrBSk2OUdcVomagiskzx-2GYwUeuieeLT9n_5mie_XE_w8KkzJ26w-jVC1Ftv5qvv-g7zx5xOysH9wQ-BKZWkER82HT7AhbGgqcbeVoxHC_r0-7K6ZyizF4Udtlr_Q_McnMe4UE9ZxuoIuwR4NdLLCss7_2PmNkzDhStBBHDoEwdMscTzMlRS4jDQHz9lX2QYIfC0HnTTdJPoBmGr1u5fye8HCZYqmUtQDcj9Z7utf0AcjJC7cKhqWxW1WGJsbaxJ_msLBKkI2IeRh7SsABw2V7SfVKkguDpHsg28U58ZIsVWXpDqdD8gAZMYaOEhGMjr8ILpvjGlCPqCBT4Dn4IzUheCd-wDLeMEn_A_m8XLtcVyOIzGRqZiavjeAofI_Af0_0meYaEIFMVxRVJ6uuA1ikJGNrk8Au2zn4SNAhZXXv_PEQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
h5.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		621 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h5.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1316c59ebb7ebf3879a5d7f1fb1644a34769bcaa22e24ce93d7b2e9c43fa0db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:02:48 GMT
x-content-type-options
nosniff
age
548758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
621
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 22:02:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A8AF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220808&jk=3278476289912146&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame 84E5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
62440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:08:06 GMT
h6.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		682 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h6.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a7dfd2734ca75fc47845a64852c3ec5869642c6680a400baf9b2f651144d8f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:02:48 GMT
x-content-type-options
nosniff
age
548758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
682
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 22:02:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F537 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1Ot8G1DzYs6mO6qZx_APyMuumAgAAAAAOAHgBAI&bg=!ZmWlZSHNAAZGjrx1Zo47ACkAdvg8WkLANqsiX8RMZTTVaedohK1rzkoFnTh1ljsCs5uNH4uYu0cwTgIAAAF1UgAAAAJoAQeZA3elWwmL_y0Oex_ZadX2awIo4-wM-emlgmPjtnClP3DL0qn3hFWO9NAyXInk8grzioh4-_5_3Eo5H6BaMuUTxzLAGrSpPHErXdLv9HK0sONX7avH9Afz5MzB2wCbZYKKSG4M3AMxU_tT61um0uuev3h_m4GSVEI4cpzGn4saRnj5oox3BCP-iPS6SPZVOkmWvuradynXNT_IkleNKpuwVN9oI5hmsakw5rF5q6nb9oNfa2y_3kXcltDCMheGT5bNdTR1wTSwd9v3caW_bDsDxncY858Y2_Jxnif2-bZnY5iLFLFXUmX3OXhk3vjMZVgAw5PWAAsz-AYcOPm42RRaldlNqe5jJaVxoVM7vV9apqvCN5adlsJxREF_39Uq3UdoBP1kV4IPZ7nZ8RXTy_y-zaYmmF0omHuCGKHfKai7muL__-X2kFoiEyHvySKlgJI61lhXiNQQ_8xl5mnnBKZKQJwz4eLaYteWCPUI7xgxArag7RmUm20FpfEBIUiAynIeKEgsBdZzu3ka6GHdrkKCj8TIncqTlZ4Dhz-9F-lr9VmJdBEbIEeT8rQjZpdXKah0llVXBVwmbkBzPyK9bv0z9BdnzwR8ADCXb8onCiMKEu5QvaeVsRDHD6CdSu7i__iZDtRds5TqTTHHvCqsQ-WKYKm08O-S-MUH_iZsmHGFQa13UC1dn7ZLbfFlwjJVJ6qYvhw3SqjxijW-JRdcwGyZ5U8Ca5BFd1CfnLwnCtPk3iKNrJsCC9BTwpdB0maEpKQIsHkr8KTGjilfdXdD9YEYMVsbOt-JqvqbNI_6o8m_0FVr_KX-_DfyFK53iHqMNvmEUn3Z-Ytfj62jQhy6DN63bZ5IUa8F3xgC5LdDQIhZFEwaPa-tewgRCk-qZkJyvGrEPbxedNNhrIAKxslKIzhryhjqy-G4MvAoETKHVUgOV6T7Ggp-qLk8tsLIThzOGPAQ41XUnIUGeFkgRaQImYMR5vb3sfsPPQbKu3l17PW9CF-0S1LHniALjcvKhVo9FOejtu4lWJu9aE09_LhO_dMVWaDPFAcdV_v342qyIW6CvY7OyZxrAaP-di69L6h31UHb07nsMJAwas7mDlZ4TMJsPygqB7QT7I3_cLOoEpDoageFEcbo_3kf0o4NSCnTEtGx2e3HX3Vt2P6UmtOVijqF6FTMwiOtjYwt9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hand.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/hand.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fce620efedb3a0ab107c356a4980ebff44cb931313fa31fd201b2e28121cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:02:48 GMT
x-content-type-options
nosniff
age
548758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1491
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 22:02:48 GMT
introlog.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/introlog.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb8237504c89676bea6de8c9995746c9b150c0a7ba958372aea28d3874a7358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:02:48 GMT
x-content-type-options
nosniff
age
548758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3529
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 22:02:48 GMT
siegel.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame D493 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/siegel.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2041c7780dcb51eb3a3318ba9ad92f69e5dcf1ee0af75bda2b430353a2133d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 12:08:04 GMT
x-content-type-options
nosniff
age
238842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4943
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Aug 2023 12:08:04 GMT
generate_204
tpc.googlesyndication.com/ Frame 84E5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?39NTcQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3EEB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvz5DysaPw75O-QpFGDQcgCwDJh8KVdvXf1zdOHk3WRICWgbDveKcTBd38VqkY_MOBX45wMLGUFgkrYb08RlLEDj4Sf3onaO_iRYTn3XnxwN0hhi2BWwTk8EKogn7LZO1xWhewh6DYRO7OD&sai=AMfl-YS0KuodLXLNZYaCek_HMw3_lEE8dumdUxzi_uh9TDsNVgZ8cY0WB6jm5yQREVZ1JhkRsHeuJZt4OKVhW0aRgzFLUOj8O3GXljRBCT21_V7gQ4x3NRFEm0v4fL4&sig=Cg0ArKJSzAV2INv4ai0REAE&cid=CAASF-RoLGOzv9Cta12UhJA_AoBLIRjLuLG4&id=ampim&o=436,963&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1920&tls=2920&g=100&h=100&tt=2920&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220808&jk=3278476289912146&bg=!dHeldzPNAAZGjrx1Zo47ACkAdvg8WnGjEykP7aKcbqLak8jHHEDcoMgfehkuwhq90Si5DXMk7JVWPQIAAAB0UgAAAAJoAQeZAuwlHbxJbIKJgUUhHOafum6GvHZWkyn7M8X4RQGzZQM0Jk1p7zdm9ywXG95kXxEEd7lDYYKiG6U1b50iRRYMPQn8pdSgPx6Sh-_mwvcykNtF6t_2mvw7IvVdeHC4xfMzcPKpYw01gyJtpZeAJ9aiuRx4QMxWlakmG368K3CWOJG9Dsk_mxrzjdDEmcbpwXvTZUv9xrGNTIqN-sHnwglTKvOY7H6uo1HAtpvIIkFH-2IRYcp7PJjmBiCGlDupdDYX-Zq-7M2DjGug-E7dseqOpFjIsfcXhojMJ9y2OokQTJ2gF-zpWr94j-YcuSgM-4fQ-OimgkuCNO1Okoy4geu_ems5utTnZ6bhwpnLvpZGUZP0QKPk3AZA5Tuvi6H6Ls0xpgHS1EWml_lIvqjkknwZ0GIE4sCx8zWxj-Dw88EKZ3wsTjXj8HbO8IDcCU2LfLjvRM60j1xS6eO_7chmAU51ynxZdEHXpeMLu_Pjov0zumw4s5ZJfXithJi7buZ3whWjGqCqxYdqfG1OwXUX84yCaxkTiphUY8sgzA2UccsGy1cq7HHcI1kBQQXM8Ql0g7MdNGN-_imrAG1rDigQNRCA3rOwOtGngz6FEY6hDIoMK4g95Q-Xiajx_oUHE-Ur6Y1gHr-kPlh87rmyyP1SX5Y8iUk1m8oMTXd7wy8H5eOazLGtm1cPRI8B2IxTX4nN6WNlLHOgaEgOsdUTvfdQpwV6TIoWx5rb56z3grd1i6a_Lase8bZ_sMDu_xGdAyTClmyOB-zUMvDjEO4rVHaKYGRgvlw6CLKSGXybas3cFxsZ2UG3CHLq8BJqtPtOJpsc_8b9-8V4av2tldbRymqgoc6B9itTALNJjuc6ERUpjS81pUi5VDuYUIaTyCNE4GIZDcsS-v-8QNPABlVP5dAsx6a5PVDgeUFt9QWS8IIjmzfz6W0V5WKRahjm4ChJxkcec7n30If-vUrZlcQcyh-PQ4QsfP2jqfVpUf71ryaAFGrG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3278476289912146&correlator=3517353612944001&eid=31068846%2C31061690%2C31068520%2C31062930&output=ldjh&gdfp_req=1&vrg=2022080401&ptt=17&impl=fifs&iu_parts=21939239661%3A22477364305%2Capl%2Cfarfeshapl%2Cdisplay%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=58&adks=3899787530&sfv=1-0-38&fsapi=false&prev_scp=refresh%3Dtrue%26test%3Devent&eri=1&sc=1&cookie=ID%3D45e7d6a8bb8793e1%3AT%3D1660112923%3AS%3DALNI_MYOo3ilxmveiNMD6HWhpRM2mytIRg&abxe=1&dt=1660112927584&lmt=1660112927&dlt=1660112922337&idt=875&adxs=0&adys=1219&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=19&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRid2cOzqDBIAFICCGo.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
44164712446dca8936e231298ccc8b35c0998035553a78d16ad44e46e70e4925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9442
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D157 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080401.js?cb=31068846
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:43 GMT
expires
Thu, 10 Aug 2023 06:28:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4AFD 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhigve7LATAB&v=APEucNUR4r-R_OKG68BtNkMepju9qhtIk7YZB2a2rwop0Wu9ufkvzPsJrvhB6sSxWuqGnCgBP4DmjT7eYF48F4T9uS8bt_8IQjhsNXGLfgc6RGUGbgCZTCBV8gSJP3oTBVxg7vJckFjiwDdM-583PUw54T9g18M9wBghuK5AaIMcZBAe4TVCFkI
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D157 		83 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYcduorNScKkUfcSWyVsXuA8nKH3GzpA-PCCztYhccEnisUF_C3lUeAcYGk4w42TLOynheeCa3j3Gln0bAhiuviUMhpwgCO2GqKWG7wlFoMr82cmrxCUZlHHXgY5bVtrXjr71H6FRcBDnuI7AQqc4SHjn9Iw&dbm_d=AKAmf-AIrO4JhD2ugpsyOgvCrd0af_T-SVfY2OWM62y8Uk5rR5l9bdUfvbqVt1ZiHiLUtW2qHedYa-lQXEaLYKKn5BwT3WaGYy0GsOEgFG4lFiX0S80IbEhdxZAtTjSMl_Wtk_EUfzdMYMlxqo9IiMa_IHnwxdnA4G1IHLjmgIk6o1YezXd41MSjo2Ll38F-8IqvcFZxzD-5SrZn9RCBrDeCDuy-nbr_Ktd7u5INDJAx6NHtqfwV7tIdqv_D2CPRMMvs83X69zGAGirfLyAwbqHRKr0OdzZkM6kl9Qk3bGrqCI7EiN1etSsfPf16kt5alwTUESypf4Pr06iO1QX8SIt2U6LAIA2kCkCCqbb4GtjVXZou8oQulbvvxrNXFv-cryt6SAt4kx-pu4gD01P6yXjGoBlh-4N_Tr8phrGLlNqJJIdby5Wv3sJ6rDPmbJNM1vSJW_IrET2hXPQpaW_-HSJej5ybLtHSdMwjWurgi5Es2CTDFSsblB0WZlKqyq6WFjfp-gRHj1b5DMGQZ0_f-_X2v7pAGXOOjW9VoL5SHd9AJ-9J2ggjiXIz7nvG7qyGlhVIIs70H2qNhlghtZK927Atlewcs1RXFFxn37P3xrZ0tZS6JJ4uegZYp40V_Fy3GqY3jzzyLxAaIyzAyVO8eO4mOKj9mOT4eM9T5TzibkiT6OE9hlGQbAKIP2D0T7lzOkEjegrUyHjqaPQLC8s918yYG6siC8bxFZV6vfvUxYNzlqAi-JQ2SoYKXkvxTJs4tvLO3xYzXlmpSRB_t1FA0Q2GkN8qO0PK0qVb8uIz9_6IEz9b7zP6tCpD5PUyVE0Hc0LZNimJQrPSqlUVqanO3QrhlMaFq8Hnw9ANiyVZb1POR3PuTcmqMoZAQhwQzfMqDP8uM4p1bQAaT0cHrv7CUJgz8qrZBOOxW9MW5gYijNE2Op333bQugLq-vzy-U-FOs4li5m03h4zp0WHCcJCyuIKctr7l-xO8jZhTj0fXf0sHg4b0OhU2maByPzaKR7qRtxMk1duZq9VPbJPutiGa7XusAcbPGc-DA0TengrrBbYYr2Vuf2Sd4o7mgRYDbUOgSVIUc02LkCmRO8g2KrBljYlBj8TqcKVJ0MA5prMrab99uOPgH0JQYCFS8Xc3yOxdeY3p7dQV6hBNLJPqODTvXh8vNrP486Igg-GeU3nPiOVPt8oVNHrnbQ8dJMWVA87OMlfJtYKXUvSLP-mN5bCEvzWeMqp8FujBdqQLu4jO1oP1U8lzPUBYkOfwhCH7xRsLoouUtqqPlmzAfrWUWZlm7dysIk-Aq2ETVpGhXeNqBTKrkE0DdGZ8sLYbOzSy9D9rIM9mXqXaARYY5Or6Eky07f5tEvcZY2NQYkkha-g7MHOmDc2_wi29zuxugRV7MKGUyaYershxcHR4gjq-rS-BO1-zOKtYyQ7KKep3_nHsGfD5i80htaSj1m0T6GenS3l-u5cADkZ9X5633yNPpzlW5af0HkLgZMW20bxf6XrffO5ntkoa1_l2iM1lH5SlhHjceyLHPLed8Dy0z_QZm3RrChlNtfEMZXL3hcCKt2aBYLIxAoaT_bEfrj3UeGf_xapcByBpZZG6W4MQMQBN-Y6DlheRZk0t4lUFC34bhzFb2B2iWryiP3BcyBo3tr0SXiFH7yw6Gm5iwsNozuPu1mC0IF8W7JXkDM8FGb1h3O62zgZzWTtIbjBh7kT4KDcP7YJoeGPZq-7VwdVZOoJc9AEifAtqeOZrWC-QbmV6kh61vS7J4U1rg1PJIVdHrdyDkAiReAH6UiIbcevgusuQKTk0EUTtTzoZ8tJfTclYMGKvlkyeoKuQKXUcdk0-wtAzgynvbxXLGDgUqNOfpvIiS0lIYfvFKMy2lTzZbpHOJwKwOH-0nxsKinu7ysrBnGZkztvtUiGsDuvBNdlMrh_ZvHmGTWsILUhGbWfuaxaTdhdPcdEUv4EO7zQNGc3LLOrJnVDAuQYheDM1786gC5-PI-PdLuNuW20R0Do2X189Vjop3YhhInf_ZlhhUAr42AG_OtPhK4yEUBTx3SpUk6BVnU959zYZZeiEznUFzNmAiYIFAWmVNXkQb4FRVZUlyHpaSO3h6iEiOlJeV_mkxTb3aCIW3vutIkpuqDKRfDnMgaAyUs0lgV8hwxOZGvKd9QlWd1sOLWpci6xYmxCptLuWDFaGCbd1RDuf-GRj62l3uyFOpIFxoiR-iUkWno24Tnq3b48NGiZygbx9CDf5BYdfcWwv--YMSncZElxZUswvUT4DqvvfxA5tEvKFRQJd49vpFHZN_0ChP35TJGGJZ3HxqO8TECsiMUnFptApkE1dSEMtpAfY1L7OndAKVJujd6E02nfT3Dtc8QgPXv684jwIwq3i6Vpf4LwQAVbxT6-RG6e70RvYkyG9HAbBxs7yFMVr_qQ_c7W6mXyxodazESgSDSOi07tNkYEb4w6MCLIONmyxDo_OIQ55uPB80t2wHP0KrxRfTXyaMHs4C_MXsuPjEm2vCIbft-VsbL37YMlpu46P2aFfWl5VTz060WKhxBmWdD1zjReyEg4ARJneLedMiGspGWwkb2P9JL75lBBzjpbEfL3z_H-xc5tH-sW_WHhb8bfMJXy-Uy8QJ-n8Dpj-uDHLnAP4k0WA7kamlcKfntKIyHCnyBekxhW5i5Tge4CM90gAMySmdcehL6PV9QTgontbyrfxWrpO2WH7vcW1vY-w07httydXgoU8PJt90oeBWakfHCY0Nj4kJQMwkA6GW7WzzMXmuLh_bP-XReghSXOgwwoxNQqpXq_jEZgJUSx5wWkeHWIkXaXkXgwGtGjimFXXL8ceyE983-bWyawExcrz5zAbUEw9mfQi4AMjifr_7yHJjaR-EoF00-u4s2bGCmc1XbqTB0quTeQFdMl3McLGJOD4_xKVn0ulQpcw4OOQY6C8zzwxtO4d7AQSSDql_-R5nEeG7veCU2vOkDBfhNJpgw70iLDbwPlGC-kaof7ii-20pc_HSXlLBxHWlxhDULBQS74hx3-8Z-wi5P1G2TqhrVqR6b1Qi88fz_5k3kZJn4NB1CFkMza0g7N__fnEI-in37p3gBgIItwhn1nn8gidoe5r1u3nL2UGUlU1Jwm2lMXeb6DkXdiIEmed1ecP_Nz4UbQ9y2tmX-aeuXnAw1ju8_PWWEM51XUu2v60S0L-zWLYFSB-Tsc53gO1KSiT-4QZOmA_ltNuRpeCHmJQFbXKsDx5MakuTdIb51nJZxS1iNuUiWFYxEHrYqqjCEkpR-eBqUrJvn0Zk1BzZBpEsF0C6oKQ9FRjL6P5xt8WnUAujKtjnlPBSNko_mU6MpH3o0JW4BZs0FYA8bMi41aDSOihGwJn64Ymhd5UeOU_6pwuqDH3QALu0xrrNM0uC2TNCMpFvSw8DSM02P0StCcHy_78tr8EYSMQRlZdze2Tgc550h-cKbzRw09s4a3JEqvIJRvkroDnr7-1NtmXuLIVTr3MjI0PpRcUgYN9Ugza09Y8k-WVf-7nnJUqOhLZlWE-OLW-RGSbjcIam4hd_yuQt0fFFh1ewJuKp11mwZd6QZDmn5PYl4Ksf6WERYr6QsjcZz57CCI1OWrNSY_FpN3XDYQEl5bMIGwQUvzxRrnaApzIB-0qhMRUjzFdxdz4oly3ycvZE92G8-BOQZcZl-p6rflfB0HWAvGEo14fudSTroXc-3nT93rVTRPhAYfNGDfOFIscHp7RTQJygE2mppNAHHDkR8vl77r4k-84VV3b2eJ59pc2eHMroQqLAjCt&cid=CAASJORob_hea054Pp-kVCOemLtCalFa8nywZzjEvEQKYqYpqqrb-w&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad4d10298d3f85cb5d13345d2490307d5e027411e992d9e905315c54e157fd94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35412
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D157 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BHxH8TkeHCkbz2hnmlis8SipegOE7pprv_Bq4fY6ydyXcFUuzP-1HFbrVod8IQ0BD7PxPXhQQJlNjPGUuoJn8VlzJjI1nYkKSTRpqgVUr7QqaChlY
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame D157 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:01:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D157 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame D157 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 05:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1774
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 05:59:14 GMT
rum
dsum-sec.casalemedia.com/ Frame 4AFD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAMQxBjDHsCdTM3uDCBrjHQ&google_cver=1
43 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAMQxBjDHsCdTM3uDCBrjHQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhigve7LATAB&v=APEucNUR4r-R_OKG68BtNkMepju9qhtIk7YZB2a2rwop0Wu9ufkvzPsJrvhB6sSxWuqGnCgBP4DmjT7eYF48F4T9uS8bt_8IQjhsNXGLfgc6RGUGbgCZTCBV8gSJP3oTBVxg7vJckFjiwDdM-583PUw54T9g18M9wBghuK5AaIMcZBAe4TVCFkI
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7386ac68ef5d92a8-FRA
pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1pXutwEHvWRYRD06xXG4vOxmSrezkrYaKcOxG%2Fk64HhQgi1S9jdDeEwHCWmqd%2BLilDoE2tZ9tS5sThkGLy2Wh%2B2QmZON%2FEAQC2oEcUBzUASz93l5Z7Q2JUhG%2BXnESgIDXCXLw1VXKJGYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAMQxBjDHsCdTM3uDCBrjHQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4AFD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvNQG2SNzLmPXUfux7me6QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAMQxBjDHsCdTM3uDCBrjHQ&google_cver=1
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAMQxBjDHsCdTM3uDCBrjHQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhigve7LATAB&v=APEucNUR4r-R_OKG68BtNkMepju9qhtIk7YZB2a2rwop0Wu9ufkvzPsJrvhB6sSxWuqGnCgBP4DmjT7eYF48F4T9uS8bt_8IQjhsNXGLfgc6RGUGbgCZTCBV8gSJP3oTBVxg7vJckFjiwDdM-583PUw54T9g18M9wBghuK5AaIMcZBAe4TVCFkI
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7386ac691f8f92a8-FRA
pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppwvkbVn8UrgM9ZFGUBrjdUW050W0WuKAf%2B1cV8MyagmNAochUADbVw7DCYyW1PMGEozSrhGbydeo317iItoUqJaKKU4pfau8riAsbv%2F%2FZ4OuhqCi1LY%2FnNKshk2K0Bi2GDHZfuKoGpB8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAMQxBjDHsCdTM3uDCBrjHQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4AFD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEtp-tZTmCs4PSrruPkZ588&google_cver=1
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEtp-tZTmCs4PSrruPkZ588&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhigve7LATAB&v=APEucNUR4r-R_OKG68BtNkMepju9qhtIk7YZB2a2rwop0Wu9ufkvzPsJrvhB6sSxWuqGnCgBP4DmjT7eYF48F4T9uS8bt_8IQjhsNXGLfgc6RGUGbgCZTCBV8gSJP3oTBVxg7vJckFjiwDdM-583PUw54T9g18M9wBghuK5AaIMcZBAe4TVCFkI
Protocol
HTTP/1.1
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 06:28:48 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a9c13f38-f4d7-4f72-9d4d-9deb2ce5fa0f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEtp-tZTmCs4PSrruPkZ588&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4AFD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjA5NjUxMzUzODQyMDY5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjA5NjUxMzUzODQyMDY5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhigve7LATAB&v=APEucNUR4r-R_OKG68BtNkMepju9qhtIk7YZB2a2rwop0Wu9ufkvzPsJrvhB6sSxWuqGnCgBP4DmjT7eYF48F4T9uS8bt_8IQjhsNXGLfgc6RGUGbgCZTCBV8gSJP3oTBVxg7vJckFjiwDdM-583PUw54T9g18M9wBghuK5AaIMcZBAe4TVCFkI
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 06:28:48 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2bfdab9a-7e23-48c2-a6ca-e09f6250c696
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ4NjA5NjUxMzUzODQyMDY5
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D157 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Origin
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 11:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Aug 2022 11:11:42 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame D157 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYcduorNScKkUfcSWyVsXuA8nKH3GzpA-PCCztYhccEnisUF_C3lUeAcYGk4w42TLOynheeCa3j3Gln0bAhiuviUMhpwgCO2GqKWG7wlFoMr82cmrxCUZlHHXgY5bVtrXjr71H6FRcBDnuI7AQqc4SHjn9Iw&dbm_d=AKAmf-AIrO4JhD2ugpsyOgvCrd0af_T-SVfY2OWM62y8Uk5rR5l9bdUfvbqVt1ZiHiLUtW2qHedYa-lQXEaLYKKn5BwT3WaGYy0GsOEgFG4lFiX0S80IbEhdxZAtTjSMl_Wtk_EUfzdMYMlxqo9IiMa_IHnwxdnA4G1IHLjmgIk6o1YezXd41MSjo2Ll38F-8IqvcFZxzD-5SrZn9RCBrDeCDuy-nbr_Ktd7u5INDJAx6NHtqfwV7tIdqv_D2CPRMMvs83X69zGAGirfLyAwbqHRKr0OdzZkM6kl9Qk3bGrqCI7EiN1etSsfPf16kt5alwTUESypf4Pr06iO1QX8SIt2U6LAIA2kCkCCqbb4GtjVXZou8oQulbvvxrNXFv-cryt6SAt4kx-pu4gD01P6yXjGoBlh-4N_Tr8phrGLlNqJJIdby5Wv3sJ6rDPmbJNM1vSJW_IrET2hXPQpaW_-HSJej5ybLtHSdMwjWurgi5Es2CTDFSsblB0WZlKqyq6WFjfp-gRHj1b5DMGQZ0_f-_X2v7pAGXOOjW9VoL5SHd9AJ-9J2ggjiXIz7nvG7qyGlhVIIs70H2qNhlghtZK927Atlewcs1RXFFxn37P3xrZ0tZS6JJ4uegZYp40V_Fy3GqY3jzzyLxAaIyzAyVO8eO4mOKj9mOT4eM9T5TzibkiT6OE9hlGQbAKIP2D0T7lzOkEjegrUyHjqaPQLC8s918yYG6siC8bxFZV6vfvUxYNzlqAi-JQ2SoYKXkvxTJs4tvLO3xYzXlmpSRB_t1FA0Q2GkN8qO0PK0qVb8uIz9_6IEz9b7zP6tCpD5PUyVE0Hc0LZNimJQrPSqlUVqanO3QrhlMaFq8Hnw9ANiyVZb1POR3PuTcmqMoZAQhwQzfMqDP8uM4p1bQAaT0cHrv7CUJgz8qrZBOOxW9MW5gYijNE2Op333bQugLq-vzy-U-FOs4li5m03h4zp0WHCcJCyuIKctr7l-xO8jZhTj0fXf0sHg4b0OhU2maByPzaKR7qRtxMk1duZq9VPbJPutiGa7XusAcbPGc-DA0TengrrBbYYr2Vuf2Sd4o7mgRYDbUOgSVIUc02LkCmRO8g2KrBljYlBj8TqcKVJ0MA5prMrab99uOPgH0JQYCFS8Xc3yOxdeY3p7dQV6hBNLJPqODTvXh8vNrP486Igg-GeU3nPiOVPt8oVNHrnbQ8dJMWVA87OMlfJtYKXUvSLP-mN5bCEvzWeMqp8FujBdqQLu4jO1oP1U8lzPUBYkOfwhCH7xRsLoouUtqqPlmzAfrWUWZlm7dysIk-Aq2ETVpGhXeNqBTKrkE0DdGZ8sLYbOzSy9D9rIM9mXqXaARYY5Or6Eky07f5tEvcZY2NQYkkha-g7MHOmDc2_wi29zuxugRV7MKGUyaYershxcHR4gjq-rS-BO1-zOKtYyQ7KKep3_nHsGfD5i80htaSj1m0T6GenS3l-u5cADkZ9X5633yNPpzlW5af0HkLgZMW20bxf6XrffO5ntkoa1_l2iM1lH5SlhHjceyLHPLed8Dy0z_QZm3RrChlNtfEMZXL3hcCKt2aBYLIxAoaT_bEfrj3UeGf_xapcByBpZZG6W4MQMQBN-Y6DlheRZk0t4lUFC34bhzFb2B2iWryiP3BcyBo3tr0SXiFH7yw6Gm5iwsNozuPu1mC0IF8W7JXkDM8FGb1h3O62zgZzWTtIbjBh7kT4KDcP7YJoeGPZq-7VwdVZOoJc9AEifAtqeOZrWC-QbmV6kh61vS7J4U1rg1PJIVdHrdyDkAiReAH6UiIbcevgusuQKTk0EUTtTzoZ8tJfTclYMGKvlkyeoKuQKXUcdk0-wtAzgynvbxXLGDgUqNOfpvIiS0lIYfvFKMy2lTzZbpHOJwKwOH-0nxsKinu7ysrBnGZkztvtUiGsDuvBNdlMrh_ZvHmGTWsILUhGbWfuaxaTdhdPcdEUv4EO7zQNGc3LLOrJnVDAuQYheDM1786gC5-PI-PdLuNuW20R0Do2X189Vjop3YhhInf_ZlhhUAr42AG_OtPhK4yEUBTx3SpUk6BVnU959zYZZeiEznUFzNmAiYIFAWmVNXkQb4FRVZUlyHpaSO3h6iEiOlJeV_mkxTb3aCIW3vutIkpuqDKRfDnMgaAyUs0lgV8hwxOZGvKd9QlWd1sOLWpci6xYmxCptLuWDFaGCbd1RDuf-GRj62l3uyFOpIFxoiR-iUkWno24Tnq3b48NGiZygbx9CDf5BYdfcWwv--YMSncZElxZUswvUT4DqvvfxA5tEvKFRQJd49vpFHZN_0ChP35TJGGJZ3HxqO8TECsiMUnFptApkE1dSEMtpAfY1L7OndAKVJujd6E02nfT3Dtc8QgPXv684jwIwq3i6Vpf4LwQAVbxT6-RG6e70RvYkyG9HAbBxs7yFMVr_qQ_c7W6mXyxodazESgSDSOi07tNkYEb4w6MCLIONmyxDo_OIQ55uPB80t2wHP0KrxRfTXyaMHs4C_MXsuPjEm2vCIbft-VsbL37YMlpu46P2aFfWl5VTz060WKhxBmWdD1zjReyEg4ARJneLedMiGspGWwkb2P9JL75lBBzjpbEfL3z_H-xc5tH-sW_WHhb8bfMJXy-Uy8QJ-n8Dpj-uDHLnAP4k0WA7kamlcKfntKIyHCnyBekxhW5i5Tge4CM90gAMySmdcehL6PV9QTgontbyrfxWrpO2WH7vcW1vY-w07httydXgoU8PJt90oeBWakfHCY0Nj4kJQMwkA6GW7WzzMXmuLh_bP-XReghSXOgwwoxNQqpXq_jEZgJUSx5wWkeHWIkXaXkXgwGtGjimFXXL8ceyE983-bWyawExcrz5zAbUEw9mfQi4AMjifr_7yHJjaR-EoF00-u4s2bGCmc1XbqTB0quTeQFdMl3McLGJOD4_xKVn0ulQpcw4OOQY6C8zzwxtO4d7AQSSDql_-R5nEeG7veCU2vOkDBfhNJpgw70iLDbwPlGC-kaof7ii-20pc_HSXlLBxHWlxhDULBQS74hx3-8Z-wi5P1G2TqhrVqR6b1Qi88fz_5k3kZJn4NB1CFkMza0g7N__fnEI-in37p3gBgIItwhn1nn8gidoe5r1u3nL2UGUlU1Jwm2lMXeb6DkXdiIEmed1ecP_Nz4UbQ9y2tmX-aeuXnAw1ju8_PWWEM51XUu2v60S0L-zWLYFSB-Tsc53gO1KSiT-4QZOmA_ltNuRpeCHmJQFbXKsDx5MakuTdIb51nJZxS1iNuUiWFYxEHrYqqjCEkpR-eBqUrJvn0Zk1BzZBpEsF0C6oKQ9FRjL6P5xt8WnUAujKtjnlPBSNko_mU6MpH3o0JW4BZs0FYA8bMi41aDSOihGwJn64Ymhd5UeOU_6pwuqDH3QALu0xrrNM0uC2TNCMpFvSw8DSM02P0StCcHy_78tr8EYSMQRlZdze2Tgc550h-cKbzRw09s4a3JEqvIJRvkroDnr7-1NtmXuLIVTr3MjI0PpRcUgYN9Ugza09Y8k-WVf-7nnJUqOhLZlWE-OLW-RGSbjcIam4hd_yuQt0fFFh1ewJuKp11mwZd6QZDmn5PYl4Ksf6WERYr6QsjcZz57CCI1OWrNSY_FpN3XDYQEl5bMIGwQUvzxRrnaApzIB-0qhMRUjzFdxdz4oly3ycvZE92G8-BOQZcZl-p6rflfB0HWAvGEo14fudSTroXc-3nT93rVTRPhAYfNGDfOFIscHp7RTQJygE2mppNAHHDkR8vl77r4k-84VV3b2eJ59pc2eHMroQqLAjCt&cid=CAASJORob_hea054Pp-kVCOemLtCalFa8nywZzjEvEQKYqYpqqrb-w&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:21:20 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame D157 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYcduorNScKkUfcSWyVsXuA8nKH3GzpA-PCCztYhccEnisUF_C3lUeAcYGk4w42TLOynheeCa3j3Gln0bAhiuviUMhpwgCO2GqKWG7wlFoMr82cmrxCUZlHHXgY5bVtrXjr71H6FRcBDnuI7AQqc4SHjn9Iw&dbm_d=AKAmf-AIrO4JhD2ugpsyOgvCrd0af_T-SVfY2OWM62y8Uk5rR5l9bdUfvbqVt1ZiHiLUtW2qHedYa-lQXEaLYKKn5BwT3WaGYy0GsOEgFG4lFiX0S80IbEhdxZAtTjSMl_Wtk_EUfzdMYMlxqo9IiMa_IHnwxdnA4G1IHLjmgIk6o1YezXd41MSjo2Ll38F-8IqvcFZxzD-5SrZn9RCBrDeCDuy-nbr_Ktd7u5INDJAx6NHtqfwV7tIdqv_D2CPRMMvs83X69zGAGirfLyAwbqHRKr0OdzZkM6kl9Qk3bGrqCI7EiN1etSsfPf16kt5alwTUESypf4Pr06iO1QX8SIt2U6LAIA2kCkCCqbb4GtjVXZou8oQulbvvxrNXFv-cryt6SAt4kx-pu4gD01P6yXjGoBlh-4N_Tr8phrGLlNqJJIdby5Wv3sJ6rDPmbJNM1vSJW_IrET2hXPQpaW_-HSJej5ybLtHSdMwjWurgi5Es2CTDFSsblB0WZlKqyq6WFjfp-gRHj1b5DMGQZ0_f-_X2v7pAGXOOjW9VoL5SHd9AJ-9J2ggjiXIz7nvG7qyGlhVIIs70H2qNhlghtZK927Atlewcs1RXFFxn37P3xrZ0tZS6JJ4uegZYp40V_Fy3GqY3jzzyLxAaIyzAyVO8eO4mOKj9mOT4eM9T5TzibkiT6OE9hlGQbAKIP2D0T7lzOkEjegrUyHjqaPQLC8s918yYG6siC8bxFZV6vfvUxYNzlqAi-JQ2SoYKXkvxTJs4tvLO3xYzXlmpSRB_t1FA0Q2GkN8qO0PK0qVb8uIz9_6IEz9b7zP6tCpD5PUyVE0Hc0LZNimJQrPSqlUVqanO3QrhlMaFq8Hnw9ANiyVZb1POR3PuTcmqMoZAQhwQzfMqDP8uM4p1bQAaT0cHrv7CUJgz8qrZBOOxW9MW5gYijNE2Op333bQugLq-vzy-U-FOs4li5m03h4zp0WHCcJCyuIKctr7l-xO8jZhTj0fXf0sHg4b0OhU2maByPzaKR7qRtxMk1duZq9VPbJPutiGa7XusAcbPGc-DA0TengrrBbYYr2Vuf2Sd4o7mgRYDbUOgSVIUc02LkCmRO8g2KrBljYlBj8TqcKVJ0MA5prMrab99uOPgH0JQYCFS8Xc3yOxdeY3p7dQV6hBNLJPqODTvXh8vNrP486Igg-GeU3nPiOVPt8oVNHrnbQ8dJMWVA87OMlfJtYKXUvSLP-mN5bCEvzWeMqp8FujBdqQLu4jO1oP1U8lzPUBYkOfwhCH7xRsLoouUtqqPlmzAfrWUWZlm7dysIk-Aq2ETVpGhXeNqBTKrkE0DdGZ8sLYbOzSy9D9rIM9mXqXaARYY5Or6Eky07f5tEvcZY2NQYkkha-g7MHOmDc2_wi29zuxugRV7MKGUyaYershxcHR4gjq-rS-BO1-zOKtYyQ7KKep3_nHsGfD5i80htaSj1m0T6GenS3l-u5cADkZ9X5633yNPpzlW5af0HkLgZMW20bxf6XrffO5ntkoa1_l2iM1lH5SlhHjceyLHPLed8Dy0z_QZm3RrChlNtfEMZXL3hcCKt2aBYLIxAoaT_bEfrj3UeGf_xapcByBpZZG6W4MQMQBN-Y6DlheRZk0t4lUFC34bhzFb2B2iWryiP3BcyBo3tr0SXiFH7yw6Gm5iwsNozuPu1mC0IF8W7JXkDM8FGb1h3O62zgZzWTtIbjBh7kT4KDcP7YJoeGPZq-7VwdVZOoJc9AEifAtqeOZrWC-QbmV6kh61vS7J4U1rg1PJIVdHrdyDkAiReAH6UiIbcevgusuQKTk0EUTtTzoZ8tJfTclYMGKvlkyeoKuQKXUcdk0-wtAzgynvbxXLGDgUqNOfpvIiS0lIYfvFKMy2lTzZbpHOJwKwOH-0nxsKinu7ysrBnGZkztvtUiGsDuvBNdlMrh_ZvHmGTWsILUhGbWfuaxaTdhdPcdEUv4EO7zQNGc3LLOrJnVDAuQYheDM1786gC5-PI-PdLuNuW20R0Do2X189Vjop3YhhInf_ZlhhUAr42AG_OtPhK4yEUBTx3SpUk6BVnU959zYZZeiEznUFzNmAiYIFAWmVNXkQb4FRVZUlyHpaSO3h6iEiOlJeV_mkxTb3aCIW3vutIkpuqDKRfDnMgaAyUs0lgV8hwxOZGvKd9QlWd1sOLWpci6xYmxCptLuWDFaGCbd1RDuf-GRj62l3uyFOpIFxoiR-iUkWno24Tnq3b48NGiZygbx9CDf5BYdfcWwv--YMSncZElxZUswvUT4DqvvfxA5tEvKFRQJd49vpFHZN_0ChP35TJGGJZ3HxqO8TECsiMUnFptApkE1dSEMtpAfY1L7OndAKVJujd6E02nfT3Dtc8QgPXv684jwIwq3i6Vpf4LwQAVbxT6-RG6e70RvYkyG9HAbBxs7yFMVr_qQ_c7W6mXyxodazESgSDSOi07tNkYEb4w6MCLIONmyxDo_OIQ55uPB80t2wHP0KrxRfTXyaMHs4C_MXsuPjEm2vCIbft-VsbL37YMlpu46P2aFfWl5VTz060WKhxBmWdD1zjReyEg4ARJneLedMiGspGWwkb2P9JL75lBBzjpbEfL3z_H-xc5tH-sW_WHhb8bfMJXy-Uy8QJ-n8Dpj-uDHLnAP4k0WA7kamlcKfntKIyHCnyBekxhW5i5Tge4CM90gAMySmdcehL6PV9QTgontbyrfxWrpO2WH7vcW1vY-w07httydXgoU8PJt90oeBWakfHCY0Nj4kJQMwkA6GW7WzzMXmuLh_bP-XReghSXOgwwoxNQqpXq_jEZgJUSx5wWkeHWIkXaXkXgwGtGjimFXXL8ceyE983-bWyawExcrz5zAbUEw9mfQi4AMjifr_7yHJjaR-EoF00-u4s2bGCmc1XbqTB0quTeQFdMl3McLGJOD4_xKVn0ulQpcw4OOQY6C8zzwxtO4d7AQSSDql_-R5nEeG7veCU2vOkDBfhNJpgw70iLDbwPlGC-kaof7ii-20pc_HSXlLBxHWlxhDULBQS74hx3-8Z-wi5P1G2TqhrVqR6b1Qi88fz_5k3kZJn4NB1CFkMza0g7N__fnEI-in37p3gBgIItwhn1nn8gidoe5r1u3nL2UGUlU1Jwm2lMXeb6DkXdiIEmed1ecP_Nz4UbQ9y2tmX-aeuXnAw1ju8_PWWEM51XUu2v60S0L-zWLYFSB-Tsc53gO1KSiT-4QZOmA_ltNuRpeCHmJQFbXKsDx5MakuTdIb51nJZxS1iNuUiWFYxEHrYqqjCEkpR-eBqUrJvn0Zk1BzZBpEsF0C6oKQ9FRjL6P5xt8WnUAujKtjnlPBSNko_mU6MpH3o0JW4BZs0FYA8bMi41aDSOihGwJn64Ymhd5UeOU_6pwuqDH3QALu0xrrNM0uC2TNCMpFvSw8DSM02P0StCcHy_78tr8EYSMQRlZdze2Tgc550h-cKbzRw09s4a3JEqvIJRvkroDnr7-1NtmXuLIVTr3MjI0PpRcUgYN9Ugza09Y8k-WVf-7nnJUqOhLZlWE-OLW-RGSbjcIam4hd_yuQt0fFFh1ewJuKp11mwZd6QZDmn5PYl4Ksf6WERYr6QsjcZz57CCI1OWrNSY_FpN3XDYQEl5bMIGwQUvzxRrnaApzIB-0qhMRUjzFdxdz4oly3ycvZE92G8-BOQZcZl-p6rflfB0HWAvGEo14fudSTroXc-3nT93rVTRPhAYfNGDfOFIscHp7RTQJygE2mppNAHHDkR8vl77r4k-84VV3b2eJ59pc2eHMroQqLAjCt&cid=CAASJORob_hea054Pp-kVCOemLtCalFa8nywZzjEvEQKYqYpqqrb-w&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11825
x-xss-protection
0
server
cafe
etag
9647346768486398696
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 06:25:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D157 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Aug 2023 16:26:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8239 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59276
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 14:00:52 GMT
etag
48472445140208031
expires
Wed, 10 Aug 2022 14:00:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D157 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848229a565203a1b3b14ebd6b2036ec7d5014655e02b0415bb46c303cbbb8895

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/ Frame 0EC4 		102 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70ff738bd23484181dbb349b5a69a2629933f3ee4603731fd983950bea0b6cd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:28:48 GMT
expires
Thu, 10 Aug 2023 06:28:48 GMT
last-modified
Tue, 26 Apr 2022 07:01:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D157 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2GXpZkK0Yg3soDdhxcIHgpqyeHMzEYVmPjajo1mjiLjB2BVEV36QX_InAykmoQHirqEnhrAwSGT1dH_SQS0FnQMFC6S49RElg1YhC-iZsEOkqf7-OnZvCiTVR89vyRIdGZsPlLSL9PDsNsAnnYesyhT1GQDyW6hzXj39uSJTpXQgdD_R4QGoCvlfYbxGiE3JEUl5fP_ww6nWmgsUHo4ZLorlmHHjQmPk2Xeg2lnaZbj0VKXySVXMN1XuOjK_IVX2eIGNTBdEaGiV9PUy-Sjc-z_QoWTx_5q3XXJOmGmBJUHwvvjh-sx3gvR29LTbfFpd0pO6kmsOMsTB_tJXPHfRo_d4-7Rm7QwCzcJhoS3JYYMhsApWyVtVNUAJiats3rMWbdemd9wrD-6KDLAs2bpevExoX9vlBsF5HNd_SDsSmhHn2jIUDMAl6sCSg7uXIBipOLMVTjoKUuiEP90B8USsWX-eXXujQyx-hO-P-2GU6_OOfpBPj75f2SXb3hf9jckgvwvPVcvSTm7wgjLIk_0lbxMGj5d65R-EsaArPopuIvPt_IveEe07TRBomalrWCF6fzRggESRmD5PFhfd8Vc5k5WfNFjgQztwcB62cpRD72xGVg_UvSuX3sLMtzMUxdRbGjvVkBKwQoHCpUvldyDQk5IMNNpQs1rtp2Te_iWPTXobFOsr2O7e0Hy3ZBf5X4RpOtJt3hhZptg8tH3biTHJvroIqLQ9VdoXbG5v7bXaeeBdJESmMNNzqgE54KSgnHKquYY1std9MDt3pzrZFVp8BFKgRY0HxweWuFajoTDazDtpH1D3wNEnCoJnOK-yDaERKnyVOmxQ8Hx4McjioPwae0-sJ9F4zw5BobL6T8nyC0m1Fhvvw_V8BA79zPVaL7R5A5hDyhPPs5v1_n13OzIc2-m17hBOS0cFuNV-gWur7rhC3uQvPf-VL0o2RTyqIwhDXT6jkfMyK-zgMeJq_Rbq2fYBadD1ryDxNgESx8NvEu0wf8z4ldCtAxGZnR3vVz2b31j2hQrWaqPUUJAo8pMFfqz4efYKk7O6yFCkO4d3jO03asie52a71zidKD6W2H3e8sUJeANen-l59XvlKdZMJptBFIiDo-juG7u8u_peQc8LM9TgMVI-cPCYcnbV9gdncr-8_9Ju7ob_AhlaFwXd2gWPVR9SIBFMs9BLENM_mytTrxed7k12JBiM6IUF4pkL1yThzJRgnGz7wka4RqQNlL-d-j8o7lnWmNRKBq2YysO6zpfcQ9IS4tnn68T7Yh2VvqYmhTFZ0Kea-6E2zLDApJ8_mFLDoXLvieVNcv9gy8hCDImfe2rdn7gMzTjm-cckW41FPJOKF6n146Z8rB0FkNj6sg50739DbGsvdjv9M-j0U&sai=AMfl-YRPmqV9FEXh75j884_ejVxM0_BevXrL7ABjyCbPzKNlEhyYmAZM74xkWXAqH6g2L1eaxSXxUaWfgLXMolyP6fjv16-A3YTzlJsODCQCFvCCoJT1fiYE10Tf1H4XDDIruPmtopM6GJ1tAAee2TxVYYIHyzLdh1c8E7KIwmSlBY58vrKAsyG6li4RQGmM6tKG-XzkFAzpbBgvlD34VeoXcLuwTSG1w0-NbyAY4OvE3NKBZps&sig=Cg0ArKJSzOnpwsfYJvJ4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=53&cbvp=1&cstd=50&cisv=r20220808.46732&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 10 Aug 2022 06:28:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 901E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
482563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 16:26:05 GMT
expires
Fri, 04 Aug 2023 16:26:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 8239
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJaRubJqtEpd0XPgJ8RaR5g&google_cver=1&google_push=AehlK4CpGQRyFlKYhQ1tq7lF_TQRiTnNaWNKH7ulRl9fANATdEFsZmPurLGAVkQOxO-uN1tFs2Xsp3Eyscx1czmQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CpGQRyFlKYhQ1tq7lF_TQRiTnNaWNKH7ulRl9fANATdEFsZmPurLGAVkQOxO-uN1tFs2Xsp3Eyscx1czmQmu4gK2ANkALAIw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CpGQRyFlKYhQ1tq7lF_TQRiTnNaWNKH7ulRl9fANATdEFsZmPurLGAVkQOxO-uN1tFs2Xsp3Eyscx1czmQmu4gK2ANkALAIw
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 10 Aug 2022 06:28:48 GMT
Server
MT3 4475 c1dc35a master cdg-pixel-x33 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CpGQRyFlKYhQ1tq7lF_TQRiTnNaWNKH7ulRl9fANATdEFsZmPurLGAVkQOxO-uN1tFs2Xsp3Eyscx1czmQmu4gK2ANkALAIw
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 10 Aug 2022 06:28:47 GMT
i.match
s.tribalfusion.com/z/ Frame 8239
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFlM9eUiOJ739FLoY-vuKMI&google_cver=1&google_push=AehlK4ASKMDDlbRWVOd4lBbUi6zmt8YhYHwI4LUJALTSpSsQpcQ239TMgk2-adXT3-We5-pFSfPWeW4aQbvsjRFZCbnUkq9IlgIJI...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFlM9eUiOJ739FLoY-vuKMI&google_cver=1&google_push=AehlK4ASKMDDlbRWVOd4lBbUi6zmt8YhYHwI4LUJALTSpSsQpcQ239TMgk2-adXT3-We5-pFSfPWeW4aQbvsjRFZCbnUkq9IlgI...
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFlM9eUiOJ739FLoY-vuKMI&google_cver=1&google_push=AehlK4ASKMDDlbRWVOd4lBbUi6zmt8YhYHwI4LUJALTSpSsQpcQ239TMgk2-adXT3-We5-pFSfPWeW4aQbvsjRFZCbnUkq9IlgIJIQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4ASKMDDlbRWVOd4lBbUi6zmt8YhYHwI4LUJALTSpSsQpcQ239TMgk2-adXT3-We5-pFSfPWeW4aQbvsjRFZCbnUkq9IlgIJIQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7386ac6b0c9bbbad-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
17
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7386ac69db2fbbad-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFlM9eUiOJ739FLoY-vuKMI&google_cver=1&google_push=AehlK4ASKMDDlbRWVOd4lBbUi6zmt8YhYHwI4LUJALTSpSsQpcQ239TMgk2-adXT3-We5-pFSfPWeW4aQbvsjRFZCbnUkq9IlgIJIQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4ASKMDDlbRWVOd4lBbUi6zmt8YhYHwI4LUJALTSpSsQpcQ239TMgk2-adXT3-We5-pFSfPWeW4aQbvsjRFZCbnUkq9IlgIJIQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 8239 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGfVvlazSTjED91iG5N1UbU&google_cver=1&google_push=AehlK4BcsgF0Y9_PGisFeCauy5ZQeG0Rj33nKA1n1poOrnvGPnoIJPg2rWveUaoQPnzAajQh0uikQq5EYAgpU1nALSdaZJNBKBSz7w
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 8239
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKXZgXbLbQ31HCWdYk5p2Ak&google_cver=1&google_push=AehlK4DtpLRjxBVJd3WH8MO7R9npRy1vCsSd3a0RcbCPpOyFqNVNsGoje2orIfL4M7CU4p-Vr-TOECkZeH3fmBoyiYFPuKK...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DtpLRjxBVJd3WH8MO7R9npRy1vCsSd3a0RcbCPpOyFqNVNsGoje2orIfL4M7CU4p-Vr-TOECkZeH3fmBoyiYFPuKKw10uBVg&google_hm=NjYwMDg1NjgxNDY2NTIx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DtpLRjxBVJd3WH8MO7R9npRy1vCsSd3a0RcbCPpOyFqNVNsGoje2orIfL4M7CU4p-Vr-TOECkZeH3fmBoyiYFPuKKw10uBVg&google_hm=NjYwMDg1NjgxNDY2NTIxNDExMg%3D%3D
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 10 Aug 2022 06:28:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DtpLRjxBVJd3WH8MO7R9npRy1vCsSd3a0RcbCPpOyFqNVNsGoje2orIfL4M7CU4p-Vr-TOECkZeH3fmBoyiYFPuKKw10uBVg&google_hm=NjYwMDg1NjgxNDY2NTIxNDExMg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
attr
cm.g.doubleclick.net/pixel/ Frame 8239 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J9y58w5gfqTGniuFlq9OU0FEoAQ0zSybb5a_YijZrkf-ezU0nA
Requested by
Host: 6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enabler_01_248.js
s0.2mdn.net/879366/ Frame 0EC4 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 21:45:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41094
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Aug 2022 21:45:39 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0EC4 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 Aug 2022 06:28:48 GMT
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame 901E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
62442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:08:06 GMT
Matter-Medium.woff2
s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/ Frame 0EC4 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/Matter-Medium.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fa5dc780f82954c6195014b45ed176062dfc326190b544ba0c67330beaae685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:49:48 GMT
x-content-type-options
nosniff
age
142740
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32568
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 07:01:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 14:49:48 GMT
Matter-Regular.woff2
s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/ Frame 0EC4 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/Matter-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed0979994a8298d1881b572e86d0435c7e98c63ee01050a64bf68a9da07b6fc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 14:40:40 GMT
x-content-type-options
nosniff
age
402488
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32200
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 07:01:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Aug 2023 14:40:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D157 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2GXpZkK0Yg3soDdhxcIHgpqyeHMzEYVmPjajo1mjiLjB2BVEV36QX_InAykmoQHirqEnhrAwSGT1dH_SQS0FnQMFC6S49RElg1YhC-iZsEOkqf7-OnZvCiTVR89vyRIdGZsPlLSL9PDsNsAnnYesyhT1GQDyW6hzXj39uSJTpXQgdD_R4QGoCvlfYbxGiE3JEUl5fP_ww6nWmgsUHo4ZLorlmHHjQmPk2Xeg2lnaZbj0VKXySVXMN1XuOjK_IVX2eIGNTBdEaGiV9PUy-Sjc-z_QoWTx_5q3XXJOmGmBJUHwvvjh-sx3gvR29LTbfFpd0pO6kmsOMsTB_tJXPHfRo_d4-7Rm7QwCzcJhoS3JYYMhsApWyVtVNUAJiats3rMWbdemd9wrD-6KDLAs2bpevExoX9vlBsF5HNd_SDsSmhHn2jIUDMAl6sCSg7uXIBipOLMVTjoKUuiEP90B8USsWX-eXXujQyx-hO-P-2GU6_OOfpBPj75f2SXb3hf9jckgvwvPVcvSTm7wgjLIk_0lbxMGj5d65R-EsaArPopuIvPt_IveEe07TRBomalrWCF6fzRggESRmD5PFhfd8Vc5k5WfNFjgQztwcB62cpRD72xGVg_UvSuX3sLMtzMUxdRbGjvVkBKwQoHCpUvldyDQk5IMNNpQs1rtp2Te_iWPTXobFOsr2O7e0Hy3ZBf5X4RpOtJt3hhZptg8tH3biTHJvroIqLQ9VdoXbG5v7bXaeeBdJESmMNNzqgE54KSgnHKquYY1std9MDt3pzrZFVp8BFKgRY0HxweWuFajoTDazDtpH1D3wNEnCoJnOK-yDaERKnyVOmxQ8Hx4McjioPwae0-sJ9F4zw5BobL6T8nyC0m1Fhvvw_V8BA79zPVaL7R5A5hDyhPPs5v1_n13OzIc2-m17hBOS0cFuNV-gWur7rhC3uQvPf-VL0o2RTyqIwhDXT6jkfMyK-zgMeJq_Rbq2fYBadD1ryDxNgESx8NvEu0wf8z4ldCtAxGZnR3vVz2b31j2hQrWaqPUUJAo8pMFfqz4efYKk7O6yFCkO4d3jO03asie52a71zidKD6W2H3e8sUJeANen-l59XvlKdZMJptBFIiDo-juG7u8u_peQc8LM9TgMVI-cPCYcnbV9gdncr-8_9Ju7ob_AhlaFwXd2gWPVR9SIBFMs9BLENM_mytTrxed7k12JBiM6IUF4pkL1yThzJRgnGz7wka4RqQNlL-d-j8o7lnWmNRKBq2YysO6zpfcQ9IS4tnn68T7Yh2VvqYmhTFZ0Kea-6E2zLDApJ8_mFLDoXLvieVNcv9gy8hCDImfe2rdn7gMzTjm-cckW41FPJOKF6n146Z8rB0FkNj6sg50739DbGsvdjv9M-j0U&sai=AMfl-YRPmqV9FEXh75j884_ejVxM0_BevXrL7ABjyCbPzKNlEhyYmAZM74xkWXAqH6g2L1eaxSXxUaWfgLXMolyP6fjv16-A3YTzlJsODCQCFvCCoJT1fiYE10Tf1H4XDDIruPmtopM6GJ1tAAee2TxVYYIHyzLdh1c8E7KIwmSlBY58vrKAsyG6li4RQGmM6tKG-XzkFAzpbBgvlD34VeoXcLuwTSG1w0-NbyAY4OvE3NKBZps&sig=Cg0ArKJSzOnpwsfYJvJ4EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=153&vt=11&dtpt=100&dett=3&cstd=50&cisv=r20220808.46732&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP58.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0EC4 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc3c006e896750ae706ea38ff1d09d8aadfaa54586f2651b330aaeab80020748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 06:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5483
x-xss-protection
0
IG.png_1650635493329_IG.png
s0.2mdn.net/dynamic/2/10955994/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/5f93205125133300060d9b9e/templates/5f93256625133300060da46f/content/ Frame 0EC4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10955994/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/5f93205125133300060d9b9e/templates/5f93256625133300060da46f/content/IG.png_1650635493329_IG.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5386a8245c5b0487706a000d0dec7cbf1ce248ab8bcf841a05bb8f0f1529972a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:50:11 GMT
x-content-type-options
nosniff
age
142717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3769
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 13:51:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 14:50:11 GMT
boilerplate_arrow.png
s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/ Frame 0EC4 		269 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/boilerplate_arrow.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf35df2bb419b7d295e3d410951b22688d58ccd17c346c1cafdcfe7fb7f46c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 09:13:08 GMT
x-content-type-options
nosniff
age
508540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
269
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 07:01:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Aug 2023 09:13:08 GMT
IGlogo-Concept8-300x250_0_0_1.00.png_1650635493329_IGlogo-Concept8-300x250_0_0_1.00.png
s0.2mdn.net/dynamic/2/10955994/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/6231c5254ddead99a7220ee9/original/ Frame 0EC4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10955994/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/6231c5254ddead99a7220ee9/original/IGlogo-Concept8-300x250_0_0_1.00.png_1650635493329_IGlogo-Concept8-300x250_0_0_1.00.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
521d2b7c4f72a027b1330da48ece1b32eb543c97458e71947f2e28cfb13e8413
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:50:11 GMT
x-content-type-options
nosniff
age
142717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2693
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 13:51:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 14:50:11 GMT
cta_arrow.png
s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/ Frame 0EC4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/cta_arrow.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68334b755bde450834448f6bd592f11597c16fac7551d5c1244d74f974e4fdf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:50:11 GMT
x-content-type-options
nosniff
age
142717
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3879
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 07:01:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 14:50:11 GMT
GettyImages-1155610132_265_84_0.69.jpeg_1650635493329_GettyImages-1155610132_265_84_0.69.jpeg
s0.2mdn.net/dynamic/2/10955994/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/62320716f71c39948ef534be/original/ Frame 0EC4 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10955994/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/62320716f71c39948ef534be/original/GettyImages-1155610132_265_84_0.69.jpeg_1650635493329_GettyImages-1155610132_265_84_0.69.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f625679b23f8d389789c4939c0597601127db13ac8f96fc543a7937843f2094
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:50:11 GMT
x-content-type-options
nosniff
age
142717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22926
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 13:51:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 14:50:11 GMT
391f7a7a4277d1f9d837ec833bbc3a24.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame 51B3 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/391f7a7a4277d1f9d837ec833bbc3a24.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ac456c259cc6079c8419221cfa83da523d6ac408e5b805a2168a7795924b4ad
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
17823
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 10 Aug 2022 01:31:45 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Aug 2023 01:31:45 GMT
d34ccf238d4bf4e0765398db2e1d9d0c.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/ Frame 51B3 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/863300823173379816/media/d34ccf238d4bf4e0765398db2e1d9d0c.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cd271e1a4ae2c2a2276470d9cb8d01671929f60aaa827ae221541c91337be5b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
17821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16534
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 01:11:45 GMT
server
sffe
date
Wed, 10 Aug 2022 01:31:47 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Aug 2023 01:31:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0EC4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 06:28:48 GMT
truncated
/ Frame 0EC4 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/gif
GettyImages-1155610132_265_84_0.69.jpeg_1650635493329_GettyImages-1155610132_265_84_0.69.jpeg
s0.2mdn.net/dynamic/2/10955994/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/62320716f71c39948ef534be/original/ Frame 0EC4 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10955994/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/62320716f71c39948ef534be/original/GettyImages-1155610132_265_84_0.69.jpeg_1650635493329_GettyImages-1155610132_265_84_0.69.jpeg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f625679b23f8d389789c4939c0597601127db13ac8f96fc543a7937843f2094
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:50:11 GMT
x-content-type-options
nosniff
age
142717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22926
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 13:51:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 14:50:11 GMT
IG.png_1650635493329_IG.png
s0.2mdn.net/dynamic/2/10955994/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/5f93205125133300060d9b9e/templates/5f93256625133300060da46f/content/ Frame 0EC4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10955994/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/5f93205125133300060d9b9e/templates/5f93256625133300060da46f/content/IG.png_1650635493329_IG.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5386a8245c5b0487706a000d0dec7cbf1ce248ab8bcf841a05bb8f0f1529972a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:50:11 GMT
x-content-type-options
nosniff
age
142717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3769
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 13:51:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 14:50:11 GMT
IGlogo-Concept8-300x250_0_0_1.00.png_1650635493329_IGlogo-Concept8-300x250_0_0_1.00.png
s0.2mdn.net/dynamic/2/10955994/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/6231c5254ddead99a7220ee9/original/ Frame 0EC4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10955994/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/6231c5254ddead99a7220ee9/original/IGlogo-Concept8-300x250_0_0_1.00.png_1650635493329_IGlogo-Concept8-300x250_0_0_1.00.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
521d2b7c4f72a027b1330da48ece1b32eb543c97458e71947f2e28cfb13e8413
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17514740910241995832/300x250-IG/index.html?e=69&leftOffset=0&topOffset=0&c=kl5YJw9f8f&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:50:11 GMT
x-content-type-options
nosniff
age
142717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2693
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 13:51:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 14:50:11 GMT
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame 8186 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
62442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:08:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 901E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B783gIFDzYrTUBs-4x_APpZ23-AoAAAAAOAHgBAI&bg=!EhGlEVXNAAZGjrx1Zo47ACkAdvg8WgBiCNe8M3khksxwheheHQR0oFbIuqKEArghhqip-mFf_WDgUgIAAAB_UgAAAAFoAQeZA0u3AD53R0UYjHdvLp4izENyisQxEkjzl_ELgnigzKr2BXmV8QWBUUHkd3kNoMC36tGkIfqr-jjoP8mJ-n-Lga_seSb9xaS9rI6DX90HBBXytZ7ftcVS93oKQyCKGePIyS0O8FxzqBz6NAXC2o9YT-xg3RPbdx4rMSZYwYSP4DtQAFJ3Zx06vbBat4TodaP4OtGIVd5B6dOI2bM8_Sn-LlZ-SUI9gF1C8wjAWNafplWyIJ3o1JhaHrTJUs1GoqPjNzha2xl-HsSRTxSQlBup6iR-x6lW9Dg8ZXb2FyXTuF3cZq2gX_p4JO3d4VpMsUAkiT8PyYPXn3sPC5aeBMSF0msP1L5sRULJlbzyrXmt9F4bTePZJWOWuXN4l7Dm3mXz9MoOqMCDHVb4lkQZWP8Nb9Wf5N6ae86lgUdxI8nzEXOS-uLglq0SXRiw4Cdb42G9x7qQIWgMiqZeQffvctGLT9YJYOxI1ugrOnRao1PVdq29f5lk82INMhmUce6yr7B1l_IlEUE8m4HOOdNDsdbAgS73-4qBsUfCezEASaGiIIOlADAW5nbVnsVPAcDeT1XjLNW0sSlvOV5wq7jufsLqWibETrUJryuQMQcCPPKKdOmfJ94ewT3I6N4ltdyBwwjMgSuc1ARs1o_S7F2YrmpTwL_C9rh_LGPUlgDJ_P4k6BzIBdFL9Upf1OreP3CZIeZJcNp6nAslxOJmQQ0gS_IIqaidLgE1bznO3g2bOZ-eZX_X1_Xobuufp1ijxVaCqMFpmC8zu3zE5YWdXNKWAsPpr5wDiuA7V7ChlIQ7W4MLJ0sLDRy2X9e2emmsYe1dcXaE_9S3-Swea1pNkRqpsO3Tfmnt0h62MEGwSkn19Vl-1RHxMfMewhwC4NtPthHZSYhKsZuIPq_1u85U0PT2cQFmDK9Gvqynr8W9upvFjeqElra32QHSdqFWm67QGRFnBxsrLOVDZSWc4pxrLZdkJfHhMH5vDhcOTmZuV5IG7VmGUDaWEIefXABboXCKWJcvTf4Lwc2UWF2K8mQXKijK_Y-CGC7lj2iA8aAXIYzY7zEbwquAyV1MWG4vId7iOWAXdZakceN8MQuHBwzEqdPLrcfoB1XX3Mi1bqovPllVNh8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D157 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3_tkzOyKpKeRVnyp_CEVBzaz3eogD89pWs6Aac3TvANSQuWV4-6hWA9P27d4gQui7_Kh1zGn6H3Nq4209NdeSaDl7mI5-opNp6-HnXXrVhP8-z7E-KW6Inqim6WBDFNCEIYh5g5TVv-bH&sai=AMfl-YSir7jDYPvScBaZ7AHAqizdpvp2LK96OVPi73oJw6qhEuD1AkCCHarcVDKGyvQtpXCKJR5irTOEqkqGjF-aexTiUFQcyihjV3E4EpYrnPObrX74vzVVGWoo1jg&sig=Cg0ArKJSzGBqn7Rcc9tYEAE&cid=CAASJORob_hea054Pp-kVCOemLtCalFa8nywZzjEvEQKYqYpqqrb-w&id=lidar2&mcvt=1000&p=1219,0,1469,300&mtos=0,916,1000,1049,1167&tos=0,916,84,49,118&v=20220808&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=20&adk=3899787530&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660112928067&rpt=154&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 06:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| googletag function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi number| demandSupplyAp object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI object| demandSupply object| apstag object| $g object| dspbjs object| _app function| autoScroller function| ExpandCard function| ChgImg function| CgMainBG function| ChgImgBG function| ChgImgBGSrc function| chg_location function| OpenWindow function| ChgBgColor function| OpenLink function| PrintDocument function| SendDocument function| SendSong function| ChkFields function| MusicPlayer function| MainMusicPlayer function| MainMusicPlayer_tst function| ChkFields2 function| PostComment function| PostWish function| ShowWish number| CommentCounter function| ExpandComment function| PostEvent function| PostQuestion function| resizes function| AdhaCards function| FitrCards function| ChristmasCards function| GreetingCards function| getScrollingPosition function| HideFooter function| resize_box object| jQuery11130008367673229356054 function| gtag object| dataLayer object| _atrk_opts function| sticky_relocate number| dir number| MIN_TOP number| MAX_TOP function| autoscroll object| gptAdSlots string| url function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc function| openCity function| mouseOver function| mouseOut number| tot_GradCounter number| grad_current_counter object| OutsidePics object| subject object| sID object| category object| html_links function| grad_func object| google_tag_manager string| GoogleAnalyticsObject function| ga function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| onYouTubeIframeAPIReady boolean| apstagLOADED function| atrk boolean| _atrk_fired object| FB object| gaplugins object| gaData object| interstitialSlot undefined| staticSlot object| vmpbjs object| vpb object| adipolo object| __buffer object| jQuery1111006455644210416889 object| ID5 function| emptyFn object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| AMP object| GoogleGcLKhOms

26 Cookies

Domain/Path Name / Value
live.demand.supply/ Name: demandSupplyTi
Value: a683aaf6-8d0e-4279-b003-98d6543a4e4e
.farfeshplus.online/ Name: _ga_DNX5KLEBSB
Value: GS1.1.1660112923.1.0.1660112923.0
.farfeshplus.online/ Name: __asc
Value: 859362511828670ea89d3b4b594
.farfeshplus.online/ Name: __auc
Value: 859362511828670ea89d3b4b594
.farfeshplus.online/ Name: _ga_9NTBGJYJES
Value: GS1.1.1660112923.1.0.1660112923.0
.farfeshplus.online/ Name: _ga
Value: GA1.2.863081066.1660112923
.farfeshplus.online/ Name: _gid
Value: GA1.2.418760737.1660112923
.farfeshplus.online/ Name: _gat_gtag_UA_192956646_1
Value: 1
.casalemedia.com/ Name: CMID
Value: YvNQG2SNzLmPXUfux7me6QAA
.casalemedia.com/ Name: CMPS
Value: 1130
.casalemedia.com/ Name: CMPRO
Value: 1130
.farfeshplus.online/ Name: __gads
Value: ID=45e7d6a8bb8793e1:T=1660112923:S=ALNI_MYOo3ilxmveiNMD6HWhpRM2mytIRg
.adnxs.com/ Name: uuid2
Value: 548609651353842069
.doubleclick.net/ Name: IDE
Value: AHWqTUkEeCl_3nCdBftILSTBsI52_5-je2ErrKJ_g5EPwrM0sHEm79NEqgXjqGudM20
.quantserve.com/ Name: d
Value: EFcBCQHpJoEA
.quantserve.com/ Name: mc
Value: 62f3501c-b0d0a-fb8a1-d7abf
.agkn.com/ Name: ab
Value: 0001%3A5HsusSBbwtoL9GzBpFBNiboT3hjzvKeT
.agkn.com/ Name: u
Value: C|0CEAqhgycKoYMnAAAAAAAAQ13AQCAAQpAAAAAAA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.innovid.com/ Name: uuid
Value: cdd7f2d4-303c-4bc7-bedc-64ecec98ebfe-20220810 02:28:45
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVTct`5p!]taL8i_iqf!oN/@E'zz<*Z0Qk=06pT/SMMpD3]-n4hxtNJ#`d%SdPm%iQP`TD._*PlZ[C[-kX-2t5=O
.casalemedia.com/ Name: CMTS
Value: 1189
.yahoo.com/ Name: A3
Value: d=AQABBCBQ82ICEJAmT0Gpm4UPxGNEzpV3VBAFEgEBAQGh9GL9YgAAAAAA_eMAAA&S=AQAAAvL57veByFbrptobUMVIa5I
.tribalfusion.com/ Name: ANON_ID
Value: aCnseFO5nP97PRo7UVrOxNiQYrNAamfZc3u8FLZaCtwIDgut4Lt6XUmmKFqIuuwqJcmR0PvjTXbKWtYX0VM1jG
.mathtag.com/ Name: uuid
Value: 67ba62f3-5020-4900-8807-ac21ca1e291f
.mathtag.com/ Name: mt_mop
Value: 4:1660112928

27 Console Messages

Source Level URL
Text
network error URL: https://www.farfeshplus.online/fontsNew/thesansarabic-plain-webfont.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://www.farfeshplus.online/fontsNew/thesansarabic-plain-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security error URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: about:blank
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: about:blank
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/850270515666222008/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/4990041485613105039/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=438727914&pi=t.ma~as.9134183485&w=336&lmt=1660112923&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923300&bpp=1&bdt=963&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C120x600&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3262&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=39&uci=a!13&btvi=1&fsb=1&xpc=4MUJuJ2tiO&p=https%3A//www.farfeshplus.online&dtd=4
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/4990041485613105039/index.html".
other warning URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/6379025172620985042/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13842806366495536883/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1660112923&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922945&bpp=1&bdt=607&idt=412&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc1760ac1a23b33a3-228f92b8e9cd00b3%3AT%3D1660112923%3ART%3D1660112923%3AS%3DALNI_MYsepQxJ79h40_6v6XfVTRdIlpAyw&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZhN9XgVK8W&p=https%3A//www.farfeshplus.online&dtd=415
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/13842806366495536883/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/4990041485613105039/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=3181854402&pi=t.ma~as.6076681977&w=300&lmt=1660112923&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112923419&bpp=1&bdt=1082&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2329524702554&frm=20&pv=2&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=43&uci=a!17&btvi=3&fsb=1&xpc=S9xagpeohj&p=https%3A//www.farfeshplus.online&dtd=4
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/4990041485613105039/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1576807414729870166/Heroal_D_72_970x250_DE.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1660112923&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922966&bpp=2&bdt=629&idt=464&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=ZnV6vXKrNG&p=https%3A//www.farfeshplus.online&dtd=467
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1576807414729870166/Heroal_D_72_970x250_DE.html".
other warning URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/863300823173379816/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5452420620895986848/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3622919201&pi=t.ma~as.5788561387&w=728&lmt=1660112923&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP58.asp&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660112922989&bpp=3&bdt=651&idt=522&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2fe4d66502454466-22b7c1ceeccd004a%3AT%3D1660112923%3AS%3DALNI_MaJGEvVuFi_LRY-RF6q4mZOeodovg&prev_fmts=0x0%2C120x600%2C120x600%2C336x280%2C160x600%2C300x250%2C300x600%2C300x250%2C760x280%2C728x90&nras=1&correlator=2329524702554&frm=20&pv=1&ga_vid=863081066.1660112923&ga_sid=1660112923&ga_hid=494893594&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C31067528%2C31068606%2C31061690%2C31068520%2C31062930&oid=2&pvsid=3278476289912146&tmod=1693731328&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=SoA8VOiTCe&p=https%3A//www.farfeshplus.online&dtd=525
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5452420620895986848/index.html".
other warning URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6e92d5748f6d6371287435b8f7ed9d4e.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
adipolo.com
adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
bid.g.doubleclick.net
c.amazon-adsystem.com
cdn.ampproject.org
cdn.flashtalking.com
cdn.id5-sync.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
csi.gstatic.com
d.agkn.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.farfeshplus.online
imasdk.googleapis.com
jscdn.greeter.me
lb.eu-1-id5-sync.com
live.demand.supply
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
player.aplhb.adipolo.com
pr-bh.ybp.yahoo.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
secure.flashtalking.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
sync.mathtag.com
tpc.googlesyndication.com
vast.doubleverify.com
web.facebook.com
www.facebook.com
www.farfeshplus.online
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www2.farfesh.com
104.18.19.126
104.244.36.20
108.138.17.30
13.32.121.55
141.95.98.68
142.250.181.226
142.250.186.162
162.19.138.116
165.227.238.198
172.217.16.130
18.119.62.241
185.18.205.174
185.18.205.182
185.29.134.244
185.89.210.90
198.47.127.19
2.18.232.99
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3a
205.185.216.10
2600:9000:2491:5400:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700:4400::6812:230b
2606:4700::6810:8616
2607:f8b0:4023::78
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:801::2008
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2001
2a00:1450:4001:810::2006
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:400e:810::200a
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3602:ab6e:8189:a819:79f3
2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21
2a06:98c1:3120::3
3.33.220.150
35.227.252.103
45.133.44.4
52.18.251.16
52.222.209.55
52.57.93.199
52.94.222.140
66.102.1.155
69.173.144.165
00f5c1a936e85ec2ebd8ae9b471fa45bdb8ea2126bf42fe219fb9446bbe806ae
0188fae44246f05fc19d2e525f22ee168e4899c8c2976c0689edbfd5713d67b0
01bd2be24c866eb7e7fb6e80a1c8b829429d0c5561b731939bce42ec75aa89a2
02b15fe2dd379519a9481c1a201eb5c11892c18d33127822ab4bdf69c715843e
043fcf99da99ebba01042cf4afc8afc9abc84a510b52198cc85051dc7d1b5fd2
055419370cfcd9852b4817adda8826937155bd8c2da1e7636db63e9893dbb8e5
065ca15ff96fad1c6a497d8ca908df91e2943d252745de0ef03ebae16e25bbbd
0690a9f47a388fcf00b536d62844d0c94513e0cfed499683222d71f1ece6bcb8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
089dbe7c23474898fb6283daf81b3cd24809f97f615002ad72eac711db540589
097c32160654c300579bbdace63ca035c075ec78e42182b54161fd7fa02ece96
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c67367731c6a34bfa860580cd4a5902d54d99b14a7f733ca1be13a6fe6d7678
0cd271e1a4ae2c2a2276470d9cb8d01671929f60aaa827ae221541c91337be5b
0d6746c7248aa903ecf97e6b71c8c81b10f9ad49a5c77dedfa49aff77be940ee
0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0f67689da2d50f5d3fa9084183b2c1b4f0bf0493f0abb152266c1d6f5ac3b311
10e4dc131f719bf4ce0093e1682047905563c54c331d00d47614d07fd7a553c0
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12d05b6d5e2b49c3f3fb2ded627a0e120256bfda04a08a83fd03d8db0dc1d3b2
13340dfc25a96d245772fb41c7aa01c32723b80d8dd8240864b747610d2ff745
13b3d907e5f12196acef4a97be670c4c1f23b8167d03e85d25a8493f0311ee5b
1502d2e19beb65aed367e78a8ee5d7ee14c82e693636988fc7780ca741793a75
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ac456c259cc6079c8419221cfa83da523d6ac408e5b805a2168a7795924b4ad
1b35871aecd23c2b4d17ccf35785b546ae3011e8551d2c54beb79fc68d241c18
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
1d5496e35e009243a30cfa48df116a9a917035e94551898c956b3f88bc55145c
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20529ace0ea3b33a1657c81a45814e8a9bf4090d35396b62b5ab65ab4e7fb1f9
21068b36778a59c50ec3b410358d6a264a3629514ff3285fcef4c85b3438c645
21c1baedf6650bb34b81dec56e17793342bb2d2b3ff229f5c771105a51090536
21d1b0b20f828bfc30a28d955358f5365617fa9a43d1b4b4899ffb4bcc58ac1a
21e4b5e7b98be139b22face383c7edd99a4eb95892f12c85aca5ffa6a2c10914
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23dc04ce283fb7ab656d112b55f2d8d9d3f37eb8698e1defefc95c4ece328dd8
242cdaebdfa17e49c6135d974abe58b3dfdd98ed8aa2bca64d9838b44f6a30e6
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
2657405e3e91a0f5d6490e8fe419c8f98e2437caca46a0c257563f11aefa3824
27925065d33095653c2bc9040eb529f106f0eb6236263a15915ee3c75c33fb11
27f35250bb878747b818e2264255e07ec6d3bb732f367a76769154f072fc4af8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29284b45a7fc45684d9643d2da72c9010f383f7cb63a82c783913719b266e0d2
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
29d19526c9a4e5ee721439c93c96cec5c9ce4c4a3e033bb333545b3cd5d5b6b1
2ac9db087c0f213e861b7b5a9edcd8ab73ba19f2ee899c18b7e9217dff3ecad9
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2c147841f7b87a116369a6cd00eaf59f3c47f7bf0168572c8b2e02b4539fe69b
2c4f0bcb699b110d5cb89f843d624dda1bc7a5af9e41d26d1b67259f152f7a17
2dfc5a3a0c0e566dcef297390bc9719e95a3387c72d98520a736dc0fdf6b18a8
2e9e7402255ed620555809c90523c8111a4eb51832cc31e6008838ba33ed54bf
2f83c059fe628d108ce6accf80400acd0acfc8201776fc0204edad70ca2cbfc9
2f99bb0292828d2a14de5f044b9736fdc037567686c76892785dc443d0644b68
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
30f634e5cee1ff5942cb19c0667435e895c64969f3c9dbab99b06b83d218a924
310e353c7311206ed767033f2debeb8b3eab1eb892836478f3f262a9ff1b68fd
31896f8d72716c4ddb86fd8400363e7c2c531a526052840c573c740c45f34ae7
34ab305cb15a1e818acd2df804210adb8dcb88d128527b1948590afa696965c5
34cd2db00c567f11e4d61fbafd2b1fe65a1e663b2d9de40533de20db60a0a073
35056c1afa8c32f713f9ce76056402ea38c11c1c3fdc3b12a420122699fb97c5
35c18d5d5696e34578123860c826b723ab1848a0b7f68e7c39f68205ce5d9687
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3806cd06f77242ca8ae341c503d477e48975cbd4bea0c52dbe3e4e7fdacc2108
38d0f5ea1cf620acf5dd9b7ed2d362684913db9d367e3cbdb3c2ffa8a1ce0846
392b17e3300df229a2cf6beeeb31dee8bca37b458d08d6a1cd6fbf824933c1db
3a44602c24b89885202fa9380b0b2794529f2fc070842f4256fa2e02d3f2e153
3a4fc14180ae118f278fef24fed0c73cb65bb14049d68f0f43b7041090965aa8
3b24b158b301234fff5a75a80081d67fb0f471e6316e847fe387d9927af0bab0
3cad3ba09310db42c8436baf0d6e4d01718445c837dde31e41bdafd5e8e0f291
3ce7b54170967680a14d6c53762436f8e19c6174e8c90e082420f653dce35fe5
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
3fcee1208b4bcb58df6fbe5653aecd9e5630a7e06fef58c861ef2442345a59fb
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
4051c01deb8fa3fa9654865ab429319bdf168230949cd62f8f68b95c784c333d
414065eb8bccfeced9386a863dba180b1ab3153b18395b3bd4e855e0ee860f4e
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
42602978c9a802fda0871c82889b18d2754e5994fd904863cfca17210c1932c1
42a2138398903109e146c2aeec93115208dce08b843915bbd5be8a55ae15dfab
42fc207ebec992c03f7e8b3bf2f56ed07d798add6da0d4e91777eef7c9262875
43042a463b67481a52fa4fd63c07d65bf068e9c2aa2e90073b61c55d168cb6e2
44164712446dca8936e231298ccc8b35c0998035553a78d16ad44e46e70e4925
45304f215410bd82f9bd333bf646b18e488d6ba86b1b9fc6fea6d50a1048d677
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
4a1b1fe664f7b5245ee4004d44849642d47642c155f68a269d0d6006e62d09ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cda659884d023300f2ea181771a02c3aabe478c3e803be26ce68be70856b9a9
4d6af4a8993801d072d43f6918d244dad865c87b9c661b72bbe09c9bb0078a08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6d5cbec4fa0435b5307accc162df34fff6f4eb29050eaf1bc2ce28e2c4cdf3
50446c71ceb50da05427a213e11a2b9c2b3dac57ed1fe4af8ebb282470672eff
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d76cd9ab4e560cf92c5e1389e577042fef840f21f4464fa919785bdd2906da
521d2b7c4f72a027b1330da48ece1b32eb543c97458e71947f2e28cfb13e8413
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
5386a8245c5b0487706a000d0dec7cbf1ce248ab8bcf841a05bb8f0f1529972a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53d26929d0a6cf2e90ae51ade0a15f1f45a3cd017631322fc7391b58b5fecaec
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
552d2a8d8ca36821f304f196d543ef85641b22d556f549bad91deca4ffdebef5
555af24634857aaa6269bc23322154d1ab50855303f11641fed885a54e04c5a8
555eb4c0aefacdb9eaac9c59debe2fee03db5d4ffe0bf195e16a9400311d2064
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
58360c965ec385066ff2942e4f318757849c4fd3fe2277ceb2359f8246c04fcd
59e870bda64b6bce6549dcc64c48b63654c64fb42a7bb34f5f4d28d48fc054f7
5b0c868e05a8b05c5653a259a40647d60b3cfea7ed14903beaf1298d72e519fa
5c0454751b67d2cb1181486a5987ba0d3aecda39cca53bf51d23705fdb20c6bb
5de5bebd25e93e31f9670156cec4e6ced37ac5d4a98c8ec6b0068249ad7a29e8
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5ea995481d7dfddb5307f94aedabe955e8bdd9ba40b925007532997185cd35c6
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f625679b23f8d389789c4939c0597601127db13ac8f96fc543a7937843f2094
611c38f05c96ec32e94c9f536934519bf46d635d2dcc4feb4cd4d7e8ae109473
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac
6542d6957eb2019397fc494426e9dcdd6dd4e36ef7ac5543975c0f46195684a1
66bdbc6f334ad5094c875459d3a9b88c52f2f065759d45f0d5c8d0262d327ddf
674910f918d7e1679bc0405ce6f19495c7e4cb463af2f81ec96ae604161b9a10
68334b755bde450834448f6bd592f11597c16fac7551d5c1244d74f974e4fdf7
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
69baa42b5243c9fad39140cd27772eb779a829f93bbc325e2e695fd8b74f4371
6a0c2ae224f3e90943ef2413f331ec0ccf87bf4b0ec03e108973b3205236306f
6a5154bc76054450e38b7c60d0137cb161b53b726bb696b0fbd356a63b26db8b
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4a0e0f904f05949387a622da12999ca9451e4fe248bc3cc33d611466f94981
6cb13cab2b0f024fef0f4604fc58761383645dce17a443b16a37b151f8eb9b95
6fa5dc780f82954c6195014b45ed176062dfc326190b544ba0c67330beaae685
70ff738bd23484181dbb349b5a69a2629933f3ee4603731fd983950bea0b6cd2
7310148aef9b5a6415c86ad58145e45ca053cb4dd04ee071a3840355f955966b
73fdce173a12a73b44c2f244ef75fe82c9cc456ccbc9273180e3d795236cdac8
74bb0cbb58741defba1828807c0b29c9ca1419f72378df004cfbe208321e7113
75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f
7642527fb293d111c8eb43947e492b75dd9359ba85810cd2e0e0ee56b3d98b67
785625865a3ef35af76cba3f15ef1895925cff6e282d9aec1f20d8482efe30fa
78900e4e9068c8e5b0db08b4203f29204fe0683f35596971f73596f3608f0948
78d8c97602e3385a9d31943cc4719afdb191a15be3965143960a31d5408b0fb9
7a7dfd2734ca75fc47845a64852c3ec5869642c6680a400baf9b2f651144d8f9
7a9bd5e35a62f5749877795ff4430de2f4543e3a9bf60fc4368b1e34569226e4
7b2d712c45710fbfb6b4afb6291497785938fe80eada67ced184a4e81261d80c
7b99dd3a4c094f53e0fd89b146adb9458d64c1d6ac5b2e51774e3c1f276cf8b2
7c409f494ee43633c5e2caaeac201b20d165c0bf295d05133ceaf9ac385cab97
7eb2510ecbcb7a3940860c6d35e54fdbce097480e5fd0e5b9facd6d2c0dd2dd2
7fa651719293804b3ab13aeb4445088ac9c175595082625de6f1a6e3f3bb620a
813e08a0b6c28a3370c1b31ff8ca993a9655288f107b63425a898fe59fe4b806
82f960145fc2787df1efc837f7a5633cdf72e48d8945428d8168e3c5fc62fff7
83bbed9fabf29afd818f2dc6832dc08216f3d56badd9b69df5cd34c487c30f24
8452942ed5f585058adfc48e2cd76dfd930521fbc9bbc88382330fcf30b79a86
848229a565203a1b3b14ebd6b2036ec7d5014655e02b0415bb46c303cbbb8895
84a8ae2716c5ded3c8e7156842e9a539a0ba355d38154a74675041d65da61aff
851cacd5365b711843722eac7b071364f1ef0d1ddafab92790a819f603b825fb
85b1dd00466b81ac688c61c8f9e5c5fc8c45e3cacbee1476cc9f51c2f0fc2668
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
86a9b3cd983d408fa76352ad037930e1d281ae9116dd6fe378fb0092d53f9615
88f7a95d7936fdd87f077cdc042ae78b2bd206342905eaa0b758aa9e7bad0229
897b0eda2eb5e7df39acd929ba9f3f0b30d84594239cef6874c91aabff9e3f98
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8a4ff76232f9c5b9a8829282a44f96a88ad7c45f64ac597228805b1e8e6074ef
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bae478809f16d42ab1fa485486f0b06879c9df3fc47d5b7e6c7703f48689a5b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8d2edfda89260c624baa30f56ed31c8243343364078c45be228897dfa0fadf
8db4db356541300d59ef29e42aada4010825fcc3dee28402411ceb12989f83b7
90acdec7799a0f5d492c728dace212a1a401dbcc19aa8ac89fb9af5e3fdb094c
9182a6a4cf9909394c564dc8863ef003224a64d43e48a5bda08b4db031169ebd
918659b2fe0c1db380be965d9297531fe01f9e1620e5bd82c789536a201219b7
924aace23e54fcf154a07509debd7336088b7546df4f6566062f477b6ed500a4
925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f
95e9b520e4fa4708a1c77240f74659b7964412a25f37c656cb1cb05cfed6b324
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96f89ccaa9691f589914f0a82e81865ffa6ddc3c1a4017a16095b7aeedea7a5a
970eca5b2ecb52161d13600cfb3279ebac95e3c20f5331cd98b1e58fd77d8f70
9768390e63dd0e69cda6a0195e127c6cef278929dbe93bd64c811086d708c555
977fa7457d9090356470880119dee7d32a8c8a23beb9ddb4b13314ada5bcc545
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
984bf139d47c34ecb84a5ab9e3c9dacca8e4aa0217a73a2a5e4dece072eeebf8
985a75678aeb2265ad5871fa4e1bc207eefa788e1d5a47bf5dd848e3d9847765
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a4b4fd65128d556698d91d15c79cab646259badc9a3a090c5337cf28628fe71
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae4b01e95d88f876b4de342dc9f2415014f192ba1f6174af2cd2bbb92f79932
9bd70ccdba8dde45e48b28bf7460bf01e0f21b048f94a33c041648849ed02f08
9c0d36d715f8ce60be660844dd82445753e8c19e64be004098dc8245eae93d91
9c9513781c4f234afb112e19cd27a1559181c12ab88f286edccdbe1ad47af11d
9cd84c9312be3bdd53a62ee8a1a7ca5f90e2131a139905b9d2d13adce0e318d1
9ecf8a9950fa915a5edb0375000dee72ebc2685054c865a72ae9cb0a0b43a4a3
9ed73b0c68e22a13cea6aa55c7613dc4b93d75214e1f61b1b633fb9d97db0680
9edd827965a6e1332c3aac5d7d0cc16269f4536a33817f25cb92703f5953c836
9fce620efedb3a0ab107c356a4980ebff44cb931313fa31fd201b2e28121cfae
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0bec107dc5e1169feb956927f5aa851ce5aa0231f38c0c99ac23cfe7c37a770
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1da5d7eb848212173820b2f28da139205d7a6e379552463ca2bc958a6ca343b
a2041c7780dcb51eb3a3318ba9ad92f69e5dcf1ee0af75bda2b430353a2133d1
a2e90c9c8fbbbfa403cbf4494e864806a46c55a644fa5cd2030e83ed7d91a1f1
a3f8b5ad6cfb1808cab74534896a3513105461c56516031f7799eff9f0768be6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a61c6bcec31dfb6363ab2bcd0cc1a3712e541af485f81ce2dbb891868d30e80d
a699e069b935c660a54c50f3b59c70f5e602fb93d3877d4b93583c2799464060
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9c35d8c4b6d3f6fb7342dd5b1d01eeb7fd5e23d1c2fe37d3e7a462b74bcc5bc
aa92fe5dfb6eb1e1d79ab08a1ebb220a92493c6702846f9c8a02f0d785da132c
aac9552f07e57bcbfa55fd1ecf3a698bfaf85fcba44fd1abeaf75e2ec9bc0caf
aacd82f3a6e0e9b82a08788d517939b088afe0e7bcbbec1eb371f7cd79eefbd8
ac7b85c89057a31981b2af0d754be1b67ab4af30d0d0b99e3088ea38562e2f38
acc86dcc8af614253a9292ae8940037da0a79d32b259f8415c603aa1024ed4c3
ace12dd025e2b8563461e7165f2b30188459a6b2d8cba341114e13abf9bf578e
ad3833d8c1c354d0eba5c33a4ed269b580316a98172c44a7eb46ceb09e755f59
ad4d10298d3f85cb5d13345d2490307d5e027411e992d9e905315c54e157fd94
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2aacc8fcb4e2a4803c92e5697bff78f91193ff22c2072850b5ffc786cc4b6fa
b2b84e4f0ec0d6887a466a39879e8ad6b649a905d18544790da1af14a5414fdb
b30f5c02c83f2272deab11c0744fa36ccbddaf90822af303030b9c142079c975
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
b4232d7975ca4fc1e6188befb8d99540d345e4b1dce5eb4b418bf4e49d4ceb65
b4daebe1b8920f9738e281da8af6b780e98c1dce00311fe3ed07e69d2a3efa69
b51cacc2f0f3ba8024bf5e2b1f4a09d73c0ba3763ba1e5ad5f574feaedcba99c
b6b69ba0757b1def6071366796fc763cc84df9c7c3f0a862f2fca906792c54b6
b7d6728628ef211d3b30f62aae45ab63fd79dc5ab17ad2dcf6f1bbce1268700d
b84170c704c9b4038e176ff9d9270fa0f80c49c6dae64ca19f5b0dbeda6902c6
b87b087902a91c8227ad1a391d43219abb4725af454d2856c2541b10b81cdfa5
b93ca25d6f46b958d7b9ba8af66a1f16d8b0e483ac51ef307cef71581b6be7e1
baac9dd57ed6ede936ed7949947f61108c6fe81cdd73a4da6e4d114c77000510
bab49784fe3dbfb8041d19939acbddae364f78ba5884ad9fbf6b48ee8062afe2
bae5abbb0a526cf58dde037e49c8ea8f804d50d751e45e4314bdb3ec0ae31925
bb820666b483dac59f85def4ea49edac67954b4359b1183a5e6bd6ee031fa048
bbabba6631d35956c6f20f923f934105428c75195fac6c9b234faa171ebc85fd
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bca5848863da2330453f1a6408a3e94623c50877ae30d7f4f7f17d7191007a55
bd2095b011c0d67cf8b867c5e56caeaf30eb675195419e4c008344b28b4e05f9
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf35df2bb419b7d295e3d410951b22688d58ccd17c346c1cafdcfe7fb7f46c9b
c1316c59ebb7ebf3879a5d7f1fb1644a34769bcaa22e24ce93d7b2e9c43fa0db
c1d9356630e581e6d5688f3d3d8e0b15b7356c69c7c7144e10bd0bdf8b01dddb
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c285d336c2834ded1deec44dd319b62efce246f36b952ee9210ef3a125ab5d4c
c2d452411bb9fcaf2f7743758b5856eb2429dc8eb79c37f38b223209ffb09161
c34c52853a47826f71598203a51cb0be8aafbbb5a89506332513ddf15e28f0c3
c3f6c8e9ca5e662dbdc7a3762d717aba29803eee3b4f039cbc2f16135522f446
c5d034d8d1ead860a1b8325f818c9afa94e376ef1d6775d3ebe9d16c58a1e64e
c6ab4f9a3174d8ff5b06299a2694497bea1d78f277f2720f203ecbe21d7d623d
c6e08e707b748fd83c9b8f493db89f1cb0231390aa02a294f1469cae38545ab5
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
cb1828e7d954e97e37d4eef3a5f19f4396d17613254be1c941ccd1012cfc6e27
cb93c3dc43c05cef4ae157c5f9461412c51fc83cf6e76b562318688fe73210b1
cbc11a4cca0873bc5eb909d2377e4c16aae92b7874dba89f746302b7ba301529
cc7154e7e7fdd3d5dbc82764f1a95a5ed863553b8981324adc409172e2e90184
cc788b49be81ed82d93fb1a05b588c1e537ac514a395503af9c2fc1b18a01cc7
cce45bed757c6288dd85428e91a2bb91927ce0f1a6cec010ac9f5db184670a7e
cd24b34a27fce760fcc344b87da4de9b4a4f810cf6c9437364927561e258b77f
cd28103c624fd7b94b2d3b657edb8900426f0784e47296ad07f8bb88b8d7e80c
cda44b86ab1d4b251e41df6c6f3d1e3efa3a73e630c6c79ebcaabe6e65147e95
ce68615abfb9e61c10226b2e98651f95b0343080b0678769a3bba5f89b6ef129
cf019a1e03162a3ab267c3dc07d7eb9b1ddb76ce703755c49a7ca9edbd1d87db
cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898
d02d8d87d19ae8912e7a070c65894d492d6fc2f03ed9798bc270b2d7121dc98b
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d1690f7baeec0cb5bd6635dc5c1ede1b1894c3f03c37ba0a1b4bff555d761ce8
d2054477037f12656430de0119ca2bdd04296d7cec623fd8f58c6d746637d15c
d55a3b8b5069b05e8fc4cf48a7e8ad1c40ba9d11626dc32b0451d6ea0b09d850
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6d673775b5bd99d9bafb2e5b1b878718c7e3ca7378f4bd981ee094e3421981c
d799661141d7e532bfca5a2eeb7eeeac0b56a24d424fe2bab1ea77b3cfd50e19
d80270fca800211f69c6daf5166d3a8245d8aac8c236b158709cb6b5a39406c5
d93f4f764048996df486e96b2c68f15f4f3b1c110eaff398b681c15b43aa9772
d989ad4ebc20d1c076c92ea738a85e166ed21a6e7ae65992d98021d60af8a35c
d9d65ad68b624600c52b7918ca6de659f9977728a62cf7f86c618cc0057c02bf
d9f5159bdce22970954434465e61b0bbcaaef31dd427d8d6baf1233b5575b5ee
db8bf8f0e0f2aed7fe4115072fc24c929aa16624e8c9d02982bcc78480757351
dba0ac0f28c8a92196e7bbdf099903b5f2931247773245a737ebc0f96978de76
dc4bff6074be2ad7702c978cbeb585f577c317443b756187d418d976a2683f59
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
dc9b9b710d984c7d3a1e6dfa70e03d31ce299040beb02b0ad6608d2eac9eda01
ddd426287e38fba1384b717adf07989a4a582fe010239da0843c7f26012adf7e
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
deb8237504c89676bea6de8c9995746c9b150c0a7ba958372aea28d3874a7358
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e148991f8a9bbcb602cf5dccf5cc86b5417d48cd99e7038968d1294f9d1a530d
e1785cd16abf8a5b653b566a70daae72ddda696445bd3b40b810d65137e23985
e1b041f5710b8d2adc88aa7ee849409cfac64f18cab33a2c4b83de35844a016d
e1c179a35bbd5bd7f163ee50d2bd50ef441e5a5d321bff57ab78989540bdb068
e1ef7800360b198e12835c27f1b5c5f7c331f6110c9488266b9d3a138943f37b
e2161790304578add0b3f6b09c8c0f9fde6ac3343d69570696e67c67dad0587c
e22d0b219a8a6028584d46514b27734130c088950c06cd075bb6f75f1209329e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cdd746cc2c3f3cd99335244d3a96d46c469483365b90cae8dae19f42860f62
e3ef6cabd8cc928fc520e3d6a25b9557006fb6e7216d54f2f4dabd1e88305423
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e438f4dcbb7fcc347d198d1a906626132c8174dbc20dbaf639f64d0c8b322ed5
e4ca1dc49d5322b47dc3f27b0013377031a7e39c52cc23c05edea489b39e4588
e4e51ad380478c9873d5ea61348986d0874c2cbe4406fd46b43b0f107f5150b9
e505a99569c6963a08a5354523be51ee2aaa4049fa60b94696decdc741bffd8a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5f043797ad4660c40f7f38977eee90c13668d234052e89b9e170a7e5d72ae06
e6e080e881e29a77d25b2707d3d130d52bf039080f439ffe7618ed9ebe5c0d8e
e713ee7c367c67d7f5da882d7be771a5aac5f43375ff7666cc1027c5c37b5b43
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e86d031bc1966161d41bc3984c648a614cbdce8fc421528c762ec5e25fc4eb3b
e88a703cd40665a296900c9537430c82b36789465ea0ebc48122cc8dd9904bd7
e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3
ebec77c6060c802dd84d3a3b37ae1fb8c586337fb809c917a1e3d4e98d79e80d
ec35d12680c196a78c441c1ecad8aaa2b3d93dd413720cfe294f938f937c75f8
ec8d94b4fc714cc3fe9c80e6f3c504a275d594de8aac68c22b89dad97bd7a919
ecf03e3ee3620756fd88a58febebd41416c102e60ccc5325f5da6f5150cddec4
ed0979994a8298d1881b572e86d0435c7e98c63ee01050a64bf68a9da07b6fc2
ed8b1dd84b3d8427bacca74cf55cee3515615326b1c6b1351864dd2b78da3ff5
edfb87037c9b1119a254db457e60d604dc1f3ddb366127fbd8f3571bab693066
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eee0942126b19590f3f73f1adab415019273bd7fb86963c3b3bedec3a9a971b2
eee5a0136bda1fdbd08716eceadb0f1d7bca3f56e142bbed1752ae05776507d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9577bde6f616a309fd2f8525f866bc82ee040eefbea1d009770b5fe1f0a51a
effad215e1d5940720e49f2653f1e7201330f9877b65293ae14fee6a90efe91b
f0f36443435214fd810552979ed4aff389de6ee66c854d16778497fa973aeb71
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b92ca86bc0cbf1aed51d9dc96f80eaa2eccfec08083c8f316ae643f0c13a95
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8190b560a2d9246b5ed02dea00f25d4e3cfccef39fd06d6c0c881fab7112cf2
f8380389699f8698cd62ded2caf2294354ce25f76d6f468c643eec84a218bcdb
fa40f4a8ee08b163e5c78cd66b81799e23cb9a95ee661c1218a11fc6f3d02431
fa8106520faa0e9ec978fd5012eb4afd22c8a1775d1d09c89cf657fe7b06f93a
fc3c006e896750ae706ea38ff1d09d8aadfaa54586f2651b330aaeab80020748
fcf2dc7e2e6221d073f0de71af49dac328118d24dfa61b3efce7a88b33871261
fd532191facfaedc55c4cb5fdce483a1c214c9401bd6e9adc7b366c33cb5e6b6
feb41a4217ae4da14021cb9e84a811930059867a0802c85b825b7f241da8b028
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
ff49f817d102f06a3c8158f49a8ca77f21550e283ef5a7bc2a4d0ee3e819546f