urlscan.io logo urlscan.io
SecurityTrails logo

www.farfeshplus.online Open in urlscan Pro
185.18.205.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.farfeshplus.com/
Effective URL: https://www.farfeshplus.online/FP45.asp
Submission: On January 18 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 11 countries across 75 domains to perform 628 HTTP transactions. The main IP is 185.18.205.182, located in Jerusalem, Israel and belongs to INTERHOST, IL. The main domain is www.farfeshplus.online.
TLS certificate: Issued by R3 on December 8th 2021. Valid for: 3 months.
This is the only time www.farfeshplus.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 70 185.18.205.182 61102 (INTERHOST)
68 2a00:1450:400... 15169 (GOOGLE)
19 2606:4700::68... 13335 (CLOUDFLAR...)
1 205.185.216.10 20446 (HIGHWINDS3)
15 142.250.184.194 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
18 2a00:1450:400... 15169 (GOOGLE)
7 185.18.205.174 61102 (INTERHOST)
46 2a00:1450:400... 15169 (GOOGLE)
1 99.86.3.67 16509 (AMAZON-02)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
4 45.133.44.4 7018 (ATT-INTER...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.17 16509 (AMAZON-02)
1 2600:1f16:bc:... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
81 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
4 2a0c:5c81:514... 55081 (24SHELLS)
4 2a00:1450:400... 15169 (GOOGLE)
2 6 52.51.91.250 16509 (AMAZON-02)
3 12 2a00:1450:400... 15169 (GOOGLE)
48 2a00:1450:400... 15169 (GOOGLE)
11 142.250.186.162 15169 (GOOGLE)
14 57 142.250.185.226 15169 (GOOGLE)
3 7 104.92.100.195 16625 (AKAMAI-AS)
3 6 185.33.221.13 29990 (ASN-APPNEX)
3 2a00:1450:400... 15169 (GOOGLE)
5 35.244.159.8 15169 (GOOGLE)
4 104.90.104.248 16625 (AKAMAI-AS)
9 37.157.6.252 198622 (ADFORM)
1 1 62.149.0.72 15497 (COLOCALL ...)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 37.18.16.21 205675 (HYBRID-AS)
7 2600:9000:224... 16509 (AMAZON-02)
1 2 3.122.144.9 16509 (AMAZON-02)
1 54.76.87.218 16509 (AMAZON-02)
3 4 185.94.180.125 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
14 2a00:1450:400... 15169 (GOOGLE)
1 213.202.235.8 24961 (MYLOC-AS ...)
6 37.157.6.234 198622 (ADFORM)
3 3 18.185.129.183 16509 (AMAZON-02)
4 5 18.156.0.31 16509 (AMAZON-02)
18 18.207.27.110 14618 (AMAZON-AES)
1 4 2620:116:800d... 16509 (AMAZON-02)
2 2 52.210.94.59 16509 (AMAZON-02)
3 3 3.122.111.84 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
5 35.227.252.103 15169 (GOOGLE)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 34.98.67.61 15169 (GOOGLE)
4 4 198.47.127.19 62713 (AS-PUBMATIC)
1 1 217.182.200.29 16276 (OVH)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 1 159.122.14.34 36351 (SOFTLAYER)
1 1 35.186.193.173 15169 (GOOGLE)
1 2 34.96.105.8 15169 (GOOGLE)
1 1 44.194.225.67 14618 (AMAZON-AES)
2 2 13.248.245.213 16509 (AMAZON-02)
1 185.86.137.122 201081 (SMARTADSE...)
4 4 193.232.148.142 48061 (UMA-TECH-AS)
2 2 18.198.95.145 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 178.162.133.149 60781 (LEASEWEB-...)
1 1 35.157.102.105 16509 (AMAZON-02)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 1 81.222.128.213 20597 (ELTEL-AS)
2 2 213.19.147.45 3356 (LEVEL3)
1 1 104.90.192.189 16625 (AKAMAI-AS)
1 35.73.165.177 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 178.250.2.131 44788 (ASN-CRITE...)
2 147.75.38.124 54825 (PACKET)
1 96.46.183.20 7979 (SERVERS-COM)
2 51.38.120.206 16276 (OVH)
1 185.184.8.65 204995 (RTB-HOUSE...)
1 2 46.249.52.248 50673 (SERVERIUS-AS)
1 34.149.20.76 15169 (GOOGLE)
1 72.251.249.13 29791 (VOXEL-DOT...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 142.250.185.166 15169 (GOOGLE)
2 185.86.138.143 201081 (SMARTADSE...)
1 2a06:8640:454::2 55081 (24SHELLS)
1 66.155.71.149 13768 (COGECO-PEER1)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
1 51.195.5.40 16276 (OVH)
628 77
70    185.18.205.182 (Jerusalem, Israel)

ASN61102 (INTERHOST, IL)
PTR: 182.205.interhost.co.il
www.farfeshplus.com
www.farfeshplus.online
68    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
19    2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
1    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
jscdn.greeter.me
15    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
10    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
fonts.googleapis.com
3    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
18    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    185.18.205.174 (Jerusalem, Israel)

ASN61102 (INTERHOST, IL)
PTR: 174.205.interhost.co.il
images.farfeshplus.online
46    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
adservice.google.it
1    99.86.3.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-67.fra6.r.cloudfront.net
certify-js.alexametrics.com
4    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.it
4    45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.adtelligent.com
1    2606:4700:3037::ac43:81bf (United States)

ASN13335 (CLOUDFLARENET, US)
adipolo.com
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    143.204.98.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-17.fra50.r.cloudfront.net
certify.alexametrics.com
1    2600:1f16:bc:1200:78ca:598c:4091:a825 (Columbus, United States)

ASN16509 (AMAZON-02, US)
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
8    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
81    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
11    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    52.51.91.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-91-250.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
fw.adsafeprotected.com
12    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
48    2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
11    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
57    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
7    104.92.100.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-100-195.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
6    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
adtelligent-d.openx.net
4    104.90.104.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-248.deploy.static.akamaitechnologies.com
sync.teads.tv
9    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
track.adform.net
1    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
7    2600:9000:224a:200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    3.122.144.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-144-9.eu-central-1.compute.amazonaws.com
t.myvisualiq.net
1    54.76.87.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-87-218.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
14    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
encrypted-tbn0.gstatic.com
1    213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
6    37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
3    18.185.129.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-129-183.eu-central-1.compute.amazonaws.com
pixel.advertising.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
18    18.207.27.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-27-110.compute-1.amazonaws.com
dt.adsafeprotected.com
4    2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    52.210.94.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-94-59.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
3    3.122.111.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-111-84.eu-central-1.compute.amazonaws.com
d.agkn.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    217.182.200.29 (France)

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl
googlecm.hit.gemius.pl
1    2a05:d01c:1d8:8102:6f46:d53f:d0c7:668b (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    44.194.225.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-225-67.compute-1.amazonaws.com
fksnk.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    193.232.148.142 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.sender.ltmse.com
px.adhigh.net
2    18.198.95.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-95-145.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a05:d018:d29:3602:5ce0:1e2e:863d:4da1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    35.157.102.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-102-105.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru
ssp.adriver.ru
2    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    104.90.192.189 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-189.deploy.static.akamaitechnologies.com
cs.media.net
1    35.73.165.177 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-165-177.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
2    46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
1    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
ad.doubleclick.net
2    185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2a06:8640:454::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
hb.aplhb.adipolo.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    51.195.5.40 (France)

ASN16276 (OVH, FR)
PTR: p17.id5-sync.com
id5-sync.com
Apex Domain
Subdomains		 Transfer
157 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
1 MB
125 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
static.doubleclick.net — Cisco Umbrella Rank: 356
ad.doubleclick.net — Cisco Umbrella Rank: 195
996 KB
75 farfeshplus.online
www.farfeshplus.online
images.farfeshplus.online
2 MB
48 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
1 MB
31 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 556
fw.adsafeprotected.com — Cisco Umbrella Rank: 711
static.adsafeprotected.com — Cisco Umbrella Rank: 533
dt.adsafeprotected.com — Cisco Umbrella Rank: 484
294 KB
29 gstatic.com
www.gstatic.com
fonts.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn0.gstatic.com
442 KB
19 demand.supply
live.demand.supply — Cisco Umbrella Rank: 31585
36 KB
18 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
657 KB
16 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
2 KB
15 adform.net
track.adform.net — Cisco Umbrella Rank: 3933
s1.adform.net — Cisco Umbrella Rank: 7975
186 KB
10 openx.net
us-u.openx.net — Cisco Umbrella Rank: 359
rtb.openx.net — Cisco Umbrella Rank: 1548
adtelligent-d.openx.net — Cisco Umbrella Rank: 17971
1 KB
10 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
fonts.googleapis.com — Cisco Umbrella Rank: 47
116 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
8 KB
9 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 5710
ghb.adtelligent.com — Cisco Umbrella Rank: 5988
sync.adtelligent.com — Cisco Umbrella Rank: 2849
146 KB
7 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 913
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
3 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
7 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
6 KB
5 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 595
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
2 KB
5 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
3 KB
4 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 10726
2 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1255
1 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 483
2 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 868
688 B
4 google.it
adservice.google.it — Cisco Umbrella Rank: 44821
1 KB
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578
401 B
3 agkn.com
d.agkn.com — Cisco Umbrella Rank: 529
2 KB
3 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
158 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
55 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7058
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
738 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1204
556 B
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 639
137 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 92
50 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
r.turn.com — Cisco Umbrella Rank: 3243
878 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
949 B
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3408
185 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 738
884 B
2 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 3397
752 B
2 myvisualiq.net
t.myvisualiq.net — Cisco Umbrella Rank: 1321
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
15 KB
2 adipolo.com
adipolo.com — Cisco Umbrella Rank: 88330
hb.aplhb.adipolo.com
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
83 KB
2 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 6427
certify.alexametrics.com — Cisco Umbrella Rank: 3682
3 KB
2 farfeshplus.com
www.farfeshplus.com
255 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
540 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
191 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
527 B
1 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1648
329 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5646
184 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1818
918 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3350
44 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1922
1 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
581 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
696 B
1 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 13446
338 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 421
861 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 637
356 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
474 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4594
615 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 39962
514 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
713 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1541
296 B
1 gemius.pl
googlecm.hit.gemius.pl — Cisco Umbrella Rank: 8640
337 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 890
324 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 10678
1 KB
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 408
338 B
1 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 6197
238 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 6679
351 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
420 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 584
82 KB
1 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 94996
10 KB
628 75
Domain Requested by
81 tpc.googlesyndication.com googleads.g.doubleclick.net
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
www.farfeshplus.online
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
68 pagead2.googlesyndication.com www.farfeshplus.online
pagead2.googlesyndication.com
googleads.g.doubleclick.net
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
68 www.farfeshplus.online 1 redirects www.farfeshplus.online
57 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
www.farfeshplus.online
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
48 s0.2mdn.net www.farfeshplus.online
googleads.g.doubleclick.net
s0.2mdn.net
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
39 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.farfeshplus.online
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
19 live.demand.supply www.farfeshplus.online
live.demand.supply
client
18 dt.adsafeprotected.com 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
googleads.g.doubleclick.net
18 www.googletagservices.com www.farfeshplus.online
googleads.g.doubleclick.net
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
14 securepubads.g.doubleclick.net www.farfeshplus.online
securepubads.g.doubleclick.net
12 www.google.com 3 redirects 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.farfeshplus.online
tpc.googlesyndication.com
11 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.farfeshplus.online
11 www.gstatic.com googleads.g.doubleclick.net
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
9 encrypted-tbn0.gstatic.com 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
9 track.adform.net www.farfeshplus.online
s1.adform.net
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
8 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 static.adsafeprotected.com fw.adsafeprotected.com
pixel.adsafeprotected.com
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 fonts.googleapis.com googleads.g.doubleclick.net
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
7 images.farfeshplus.online www.farfeshplus.online
6 s1.adform.net track.adform.net
s1.adform.net
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
6 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
player.adtelligent.com
5 rtb.openx.net googleads.g.doubleclick.net
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
5 ups.analytics.yahoo.com 4 redirects googleads.g.doubleclick.net
5 encrypted-tbn1.gstatic.com 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
4 gum.criteo.com 2 redirects static.criteo.net
4 px.adhigh.net 4 redirects
4 image6.pubmatic.com 4 redirects
4 pixel.rubiconproject.com 4 redirects
4 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 sync.teads.tv googleads.g.doubleclick.net
4 us-u.openx.net googleads.g.doubleclick.net
4 fw.adsafeprotected.com 2 redirects www.farfeshplus.online
4 fonts.gstatic.com fonts.googleapis.com
4 ghb.adtelligent.com player.adtelligent.com
4 player.adtelligent.com jscdn.greeter.me
player.adtelligent.com
4 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.it pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 mug.criteo.com
3 d.agkn.com 3 redirects
3 pixel.advertising.com 3 redirects
3 static.doubleclick.net googleads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com www.farfeshplus.online
www.googletagmanager.com
3 ajax.googleapis.com www.farfeshplus.online
s0.2mdn.net
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 pbjs.e-planning.net 1 redirects
2 onetag-sys.com player.adtelligent.com
2 prebid.a-mo.net player.adtelligent.com
2 bidder.criteo.com player.adtelligent.com
2 static.xx.fbcdn.net www.facebook.com
2 www.youtube.com s0.2mdn.net
www.youtube.com
2 x.bidswitch.net 2 redirects
2 eb2.3lift.com 2 redirects
2 tr.blismedia.com 1 redirects 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
2 id.rlcdn.com 2 redirects
2 pixel.everesttech.net 2 redirects
2 t.myvisualiq.net 1 redirects googleads.g.doubleclick.net
2 pixel.adsafeprotected.com googleads.g.doubleclick.net
2 www.facebook.com connect.facebook.net
2 connect.facebook.net www.farfeshplus.online
connect.facebook.net
2 www.farfeshplus.com 2 redirects
1 id5-sync.com player.adtelligent.com
1 pixel-sync.sitescout.com 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
1 hb.aplhb.adipolo.com player.adtelligent.com
1 ad.doubleclick.net
1 hbopenbid.pubmatic.com player.adtelligent.com
1 fastlane.rubiconproject.com player.adtelligent.com
1 ap.lijit.com player.adtelligent.com
1 ssc.33across.com player.adtelligent.com
1 adtelligent-d.openx.net player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 ads.betweendigital.com player.adtelligent.com
1 cc.adingo.jp 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.1rx.io 1 redirects
1 ssp.adriver.ru 1 redirects
1 sync.mathtag.com 1 redirects
1 r.turn.com
1 ad.turn.com 1 redirects
1 match.sharethrough.com 1 redirects
1 sync.go.sonobi.com 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 ssbsync.smartadserver.com 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
1 fksnk.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 um.simpli.fi 1 redirects
1 ag.innovid.com googleads.g.doubleclick.net
1 googlecm.hit.gemius.pl 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 m.exactag.com googleads.g.doubleclick.net
1 ads.yahoo.com googleads.g.doubleclick.net
1 beacon.krxd.net googleads.g.doubleclick.net
1 dm.hybrid.ai www.farfeshplus.online
1 t.trafmag.com www.farfeshplus.online
1 sync.adtelligent.com 1 redirects
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.farfeshplus.online
1 certify.alexametrics.com www.farfeshplus.online
1 adipolo.com www.farfeshplus.online
1 partner.googleadservices.com pagead2.googlesyndication.com
1 certify-js.alexametrics.com www.farfeshplus.online
1 code.jquery.com www.farfeshplus.online
1 jscdn.greeter.me www.farfeshplus.online
628 106

This site contains links to these domains. Also see Links.

Domain
twitter.com
sulvo.com
Subject Issuer Validity Valid
www.farfeshplus.online
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2021-04-21 -
2022-04-20		 a year crt.sh
greeter.me
R3		 2021-12-22 -
2022-03-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
images.farfeshplus.online
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
certify-js.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-27 -
2022-01-25		 3 months crt.sh
*.google.it
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
player.adtelligent.com
R3		 2022-01-18 -
2022-04-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-12-08 -
2022-03-08		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-07 -
2022-02-23		 2 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2021-08-16 -
2022-09-14		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-12-23 -
2022-03-23		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-26 -
2022-04-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.a-mo.net
R3		 2021-12-28 -
2022-03-28		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-11-26 -
2022-02-24		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
hb.aplhb.adipolo.com
ZeroSSL ECC Domain Secure Site CA		 2021-11-24 -
2022-02-22		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh

This page contains 74 frames:

Primary Page: https://www.farfeshplus.online/FP45.asp
Frame ID: 34ADB385AC147720105EB153BEA3C8D5
Requests: 170 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Frame ID: 88AB47525BC4F247A347ABAB3A4E23D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&adk=1812271804&adf=3025194257&lmt=1642499837&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837082&bpp=10&bdt=543&idt=204&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223
Frame ID: 403AB3EA3F0EA962874E9404190346E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
Frame ID: 59DD4818D5A1646A54417E3439C5F6D1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1642499837&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837093&bpp=2&bdt=553&idt=293&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=StHpO5pIwn&p=https%3A//www.farfeshplus.online&dtd=297
Frame ID: DA29F6CB8B7379F30E5AACD8CC4138D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
Frame ID: 02630BC48C3BE44EAFB13676845443E1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=3827245123&adk=203976336&adf=54630664&pi=t.ma~as.3827245123&w=120&lmt=1642499837&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837095&bpp=1&bdt=556&idt=337&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wKGiLfP3VT&p=https%3A//www.farfeshplus.online&dtd=341
Frame ID: B852BEA19BE0E4347059E4E4B17B5FDE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1642499837&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837096&bpp=1&bdt=556&idt=371&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5G8e0EK2V6&p=https%3A//www.farfeshplus.online&dtd=384
Frame ID: 45E86FD75404CA9A4B50700037093F95
Requests: 1 HTTP requests in this frame

Frame: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 23B43D74C1E88AE7A9D1AF8336845B6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1642499837&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837097&bpp=1&bdt=558&idt=496&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=spoXDkDko4&p=https%3A//www.farfeshplus.online&dtd=501
Frame ID: D251622AB0D62AA6DF7230F43ACCDEAF
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Frame ID: 29752E42362F8C9B0918EF31D20E2D79
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Frame ID: 0C3876F3CDDDDBFDB83A938C99B76ADB
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Frame ID: FBA24A537BB9A061509BC36D5CDE7B95
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Frame ID: BC18729ACD22073A92DA22B620B08A8B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Frame ID: 957334C1BC1CD70CD844EDEAD99CB933
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 49E094A332C935079091B7B0E8CF31FD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Frame ID: D85EB6D24A5B2B3C1CCCF5D35C24BA47
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Frame ID: 20327F83A9B3FEE2F498A67202EAC9E5
Requests: 8 HTTP requests in this frame

Frame: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3942685BE6A1DC5119DB270DCE74666C
Requests: 5 HTTP requests in this frame

Frame: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7B738865916CF1AD51EC8E79B63A9B32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhDJqr3dAhjop9m-ATAB&v=APEucNVqiMlNqeioD9uY7F4EDjBxkLtRkP2EpcSdZS8cyrxlMXV-SXyBgbfan32L0vcls5ggkChd6Do3A1RSfAytZXmeshT18edVgMHBU32oaerBlYeIw9JCqMg-ECo5BPEi9ft7W63j3lPG-2pFLBYiHcgdpWX1WZZ29cYibOhtasIy5gQkj2U
Frame ID: C6438C90ED24153EB4AE43CAD9E5EA4C
Requests: 5 HTTP requests in this frame

Frame: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 845855B94F754319C2446464FF17D50A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQo5yvhgMYzseQvQEwAQ&v=APEucNWAWLJUR5riBj2OUwJ9DZ0FO7anhxH1bejFQLyeq_j3dENesBaQotGM4SuNFIP9MO_aTCHq-yJCYvVG8mSJjwutGGWvXDee3y4BuGBZzq2MOw70VRr_39w9uHkseKKryt442VFKN19ld6vCmXpKmTYPH9XJQKbWQvdrVDG3b1NVe1YcpvA
Frame ID: F9C592487334FF8BFD7ECC9C35855DAF
Requests: 5 HTTP requests in this frame

Frame: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4E33BA9055910DB00C1900955D7CE075
Requests: 23 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AF7CBF2025DC2761BC959A6F894888C8
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: 1E14D442A7AAED0E7A904D8282F4B3BA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: 5C5FFE0CA67285064BA3819EEAA89FC8
Requests: 1 HTTP requests in this frame

Frame: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 33A4612C9EC2B663AF7D989A539EDBF8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPUjgIQw9WUAhik_IufATAB&v=APEucNVvvBNaWYkkhAqT7IdKeKPXKH3GMcCwBgtV_fYkpfd97Dgayz17FOqq6a9DsH2XbyHIFuPbfRjcTalw_Yy0sS2DswvlNh61lSIqUHUtwRw5dlhUADhx-5MNbQ13M8iFuXerW_odaSC6fJPi7x_5U9zF2CASo2fY3_Z7ZoHy6bUrbOt43LppnmfruQoYs3kMKoHCmaFytCAN3-1t8W4Tbs2UVUlLnQ
Frame ID: 97D6C35408C003F9B9B0034BDCE93D43
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Am4lVa7EXCjIhjv4v_MzjKQveQyzX_-Rhrz4VSjzQ084fcJKY1D8RYgLXJufDUB7rF0wk0EY3CogisQuDfjVGOJtnVLnAEIJrpv63R037_B_2lNEDrypSettXoJryx7Cq6FXv-JLQD_pN-zfv5lJwjq3K3wQ&cry=1&dbm_d=AKAmf-A96ypXuddUBHumdV9L_EVGzQ_XYUiUQyUtpvdP9PtmTEmewr9Z9kWeE5VhscuOi-nEifk98kntbGFktnxxpvoKJyidZkIFA9qAQsNXJL1Ov-CiVC2PtF4fj7TkVa0jqov1Tu8KA_o1UGV1NuZ74DnpCCr19hHbXWn_Pe75x7y4QlprGsDvxYhEW_baWcOMEmltj5lEy0ytS97w-0x3bqeH4ZzQVq0G01ndK00poP6_tVHz0l8P1O9lfb_oMaqYGkC8G4dJbI7UobkH51fWwmbQiTuzFdC_SIFm9hTu0FCP7BrvoOLYzJOdDzq_uo9ltgz5qEyiEZEnjdY1xFFgZVxRRZObr4ESFiJnJrsX1nvLVJb_znbq8T7HA8lUfcbNdTotFrvtYAhgoCXd9-qW_LeCm-FVSjsbdh3d_TAx2Mt6HUcVGysnZWmNIM8mFO2h8fR59bpkHp9h20-F6t4B4LYT3FA7xyvy2mCZ7RWh-cIns-NT3kh53oNKPOKoUfHEBTQ-yLt0P5YNqunnEJtcFLFfRQ6hFbq8ZnoYtJ-kkCqTWdkamNkVxYNkPGLrtETPHu51dvkutzny51jd2qriCLknI0p8b6OapeKI86VryRtkYo9kzxs-NyuTivVX_A3BhWnHRa8hAVarXLRWjn2UbKCCv6z__1V9lbcs9UXg8jfIRkF179kArIPs7gZA2N-Z0yoS_L5dS4Ql_4mBM3EfDcGp4PaRBvMtrnly_H3sr6BQi3EbGJo1EKpDJolVL-n2ylYTFCoa290oUr-xjgKIusMTnpUAxbzImasHMQhob-y9AdS-zBV7LsVItXYmDMAzcy6vgovEvMKz9mXXdxyIhLILVrPpW_SYOj_t5Xr1FLZOTtDzZHf0nLdf8T_QILJd4ejA1MZG4crAdue8wkOohwMARnmaxQabkSEFkiiwxj3F6NiOdQVPTVbXsJcRmVaPebGyemIOUASMQdVoZU43OB_FHFogR5Mvh0vkfCHZ_cd2MGP4Tz9_Rj9rJmGESOedCt3h2FE8IarBteyTUjb16Uj77dA2y-M71Nj7HvvmvHO3OZyFvy0dGrAS22_JtOUL1qr_ZgDHQMkm9HV6XmDN5CEYy2H7Ovg9dMs7Tstk2p83mDxp_Iw3-NuBu80Rb8LA1MWlR9ZNOh7LqDPUAS6WnODt5C85VtnrLRjef01eSAY2Lax3nb0wYa5ouK2VkdaBLj8UtebXo0Q8cQ3znDShKtzdPqUS1GKuTUQK59sh4pm9jv7vf8a5YGSqhYZjMMC2h2_hemzYEakZ2SLeCr6XCKukEbYyIA47lZAyLN1M2Pfxwv86HUja1AxWc_0hQBy71nYfbfKzXODhoUMDPJfZzVbrlBaqn9f96bMHwgONIbVvQ9iQyZ9lj6s5UXu2Z1GPIurni9DjpLRm_X9wJyz2pwXMx0u8zzF0dkVVthCWTurxvtjEn0MuP1vZpeFz4it8jBoaAaCOia3cQJ28-iiPP8jI6T8Zak3gpVUU94cRxJy_hdRt6bs-LBoJzSunYYH3HdgY-vTb6aFe5YsdTrhw1QyXiZzM4N6YHw5x8RuvIeUvxedXAO0jfo5J-PJHq6r9wxcXbCCU4DFs80tKRwAOLQhip-3c_OyTDc_PVQiZqSJUFJDoMSEs4U3nwXTByfvKMihod_C_FZHDk8_h16777kPVouXTWm6N_HQ8y8m5_4xJgn9Xo0COfbWPv7QAIhWHMYrwrmZsWLG9Fa-jItiMa3eDiM0emzicTt7L1jCdBceeRliB-2aAS74Z15Mtyd3wU2DDgsQRqW2nfLGAJ_x59DCeviEtPRJaxL0eWUCDp_EqJxTK3XJybKiMkquoBp2s93_dD8rjAHl5Y65xewGN2s67Kr8gbmyNdUIUUGCLvQ2VqWuuYpqocz-AbFU0x1SWgVZfrNhpPuPOVez27lAbFR54VFdjztLNcaj1FDX4yD0GhCDx8-QH_WKivJwTJanuA8OhAH4z_cdW3P16zvuCgy_afQpTo79eNUglg8UL9IP7neLUYvPWk5qlaYowLKKCKBKo0QJKM4RaKxUfYU8bIlkwbQDMxYksUYrHI_FqPGf0rcfJm2x5AEyb7i_yrBdF_hIx5UB0v-BkXH_TzZRCXJneBB7XEADZxegqvRE57XnEkMsiFNima-EmI-elLcAAfI-XpuoJlJHV_Y8LcCvSBdP_D1X4ck0RDGo4II_RbCVhGaUjaYmH3uxeMKHW8aSc7zjdylBQU2FcGNLtXVWiQSHfNhBfzX_RcMyRqvIlrmPVJRsmDFGNCms4943cSuZgXdoYfHNePoAvEviM2KR2fjM7z0FY5w4hvYtPQNJJTEvNiXWMKOFmkNN57AJR9X1qFci0NizjFkC6_mXVvKUt21NhLfqC_t56x1Tb4U92AUc1UdMzHm7OpFEkRz6lRNJ9y4C2RoTUbvT8Ryu70sLNGFYWOaK3Xan6nWsLj5Ktpdu3os3JvBqq_Y2vqfKFAIhA7egL4UWr6a029LboC4ij_40FCVDhPS2ub2EeH1mb0eQrDjfsdNx1RAsVfTyheGyHqOOhC4-5K9mC3brHCS6WTOpnDyQluk5y6KZBU0GrCER5RJshrRytEBxvrqmj8hWkwm7G3iH4y9RnM1SSi2cfoPHiGg3Z95zjXrk_ig4Qw5vCUI3hj4qVZNucrpPHuI7A8T23BJ22dOHcTQgAOh1nhxNealjerigoxYL3neXbLwmIwK7ysNSYAcFkYo-gnSMUq8JNgICzDFTr17Bxvmjp4bbuej6Yf452WsFep0YhyApG3X8CRVGjgcDh5_Bjqw7qcCGqfAPemZsj1WZYI2ywdJ6oXAO50fOrdsBCfqvVWmowP4R4BYxGYTIao9tiurjuPmylNrrqJkQLd3Od4yEb15z4IL0FFhkj_QDNuVUPWo4FbP0kV3HrSvKKK40pRCX9v6vmz5Iyy1Y6L5lCLQVcg2Eow_47we-kZbtp0YiyO114u8A6xy1CbijYgj-AJdCzugmFgSd-5baL_bIRF9Xvt9Q9_13C5cqhZj0MbCAGpRg4zPWYZiNVjWaQZAi7hGWIu82rG-42Am_oJ3ygL7_CXw6oh9ubF0h9oLTmUDvtIXgxza1G3WeF5USuaDNj4wiAL_o63ybVwbYBVurFYwuyyT-gXeASMX50EXvIDSgu4l8EeC8-TcxuGiA4J68JrRHbzc7N7ITgmHXbtxAzIJwY-5JCtc7jdq7M9gnfdSW-1-RzlR8Q-TPsuNFsjnsY97X3FmY5AydavssqJ6omlyKe7FW1TNuewOkJ-R08pOq7AMV7j_5Mw4k_uk_MJb0c9U-xhmt5zGu2NdOn3uTphEtTiX6p27UyLA&cid=CAASEuRoK5y8vqmBhiyh8dLAoQo3oQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Frame ID: 5F35F26C26A1163A3D822399CB9B938F
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCE4EIYzrGLCzAB&v=APEucNWVm7VKWfC0tRL70MMgrzPIN7lYZaDsXps48W4C-byV6y8YOfAuR040t_uxQ5bIKyNRSRixLFdNxnV7grDAdBexRi1StgwQKy6-tiuzOoZfzocBVlAy7_iu0xskdosXM2WLOADSWvu67MT-9aybSWvswactMISzFC7thM3uI0n2-ySNr-mwMaQFGMeRmpL5VUh9X3KKPfu5aVNAperkAwnjrgfC1A
Frame ID: A806B393A43E34FFBC962049762D7258
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvochCQpY4CGM3Po74BMAE&v=APEucNU8ty2_bxHIt5Mt3tYisM1JTXZUWSYNWCn7z4cYvWfZc2YniiAhsa7dzdqZ_7_qJC12NRAw4FmbsINZhvENSUOKHgpzTWvs-sKFWdbUnObtSLEn610HfWHs0FwppA1Cp7I6srJm0QU5fjEPt-5weAt3HLLONLfcqLnSxDVceuqUnr26o4URDAmFxjxiGfm7TA8LUETjs_6vZ11eZXvCKNj0Ud_G_g
Frame ID: 1A62DEA8D905E860AC19DFC0EE148A3A
Requests: 4 HTTP requests in this frame

Frame: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B159B3E5A2975A0F77931D858FB0910A
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Frame ID: 33554644FEB3099B7A91C0FFE5B86AF9
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 26E86AA685197ADC811EEBF4759DDC7D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E9D189C9868AF86753254BA017260F81
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A077D4F505E4844637C17CCBF73CA322
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLz84QEQkMPrARjtjMG9ATAB&v=APEucNXCHf1eejfV0EcvwSNzfD2YILePzjcxA6POwAfqDm8hf-S50lyi3HTcnQIrDYid_giHxFz7WMeCOQcsHyMcSjJpQIY2uyuJrktYtJgFYs69CqzGETbOMjMb3zM_uTShjL1WE9WxglU1kCeH56sZjQa-liMasWGhKRLkea8CuWfSxffsFt8
Frame ID: FE5131C94AB0D748CA9E40E707CBF68A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De8XvCQ8b5l9wdyelAR59kGt25wg4o7XF3HVCUq2KZBgffsSKW0uaQOH3c8OH0_HsDIDPdvgHI0WFK7xvbIS0aOQMS8pbanXyz6Y5LObem7CqZ5l4ccpwSu-6qk4mPbhA9ypQHEQ76NVDK79Af5KKdsYEqYQ&dbm_d=AKAmf-CtCek3eTisLPE0VsAheFMkWVWnlZW3Ti74j_e_9H1nlsR-ISRJKf6oCmxq7xVIKzHHipywgg25yh4J6bQHaWs693g-wYeTolxsn-Yud9rT4WIbc9zsHzJZEXDV0Zqy_5dDtrmPXuLDgI0M5fTfmndnQFCQBZvSjuD4B8ImN2KEFs_r8dxnjRHT3xNw6fQRJPAiqDRSivghnet7uoJ-hENuQMcIHk0R1rzs6qy4T20fkPYYENYgm2evMZNKmdBrtAScFoag5DuQXeX2bBtnv0_wBYUJ8JX5tbLBTLKeO1WtdMGdBFAfYLD7DTA-sZrTVnlbprqFf35wVYhuxv9awJGJPuFnUP-aO13AI_WQdInUCRG_MhTnl9LBM373QdDFf-D4mJzamQ4Gl3Qu8JuNXyyWxEremzOnIWatMOO9rd7KmgYh7CiHFQpa0Sk4nB-jZLPwQEl5VWt8Jj98vzqoXWywNQLs4vvOmB9e2GdsDeJuAXYMDK4wCxYXsNeQ-x1tqUF2B0UUmPu9ThKwfXqLGYZnZsC9PRJXEt0KQpp185kjk9dRoMglcWxvpj7JSzcmsvE93taaFP-45Wc1V7WW8Gwg9rwmSsMphH3Ra52cS9BGRxI2arvp9kYm7vUJfOiKGxH0VZH55kEzN5nxICi90wS_-Y3gTbtL5jBynz6nH2S1SyQKowJ2rJXBWEvSHd5eyG4TF67c9C3kV9MStZoFhKbNh6tOQImhq77FtiRzh1HG-6zGvnvawT1di5cnHwBIR3W-5_wrg70kSa3WiCQsp8zMrlk9vJPjkvHspo6R6OsjnxTnixj71VHkvAraQ_ZWbCExLFP69vlxLX00XwMviLm0gemUxub3Vz2lVmFl6DZ2fU-vTibsMwjY-hBHINtf4TuEk0LYsUy1XJp0QPxOCp3WehQV40qbvOCLUcOLpogS7d3FuUYSiNYIAneBgghoS5Z120sqbJwg0pVI475Hlzjg_-RwNGEKWutyeZm9uIT_5CRnkolN7hGCU7EcFew_uA_6u4hjWu6GBzZrzekqXB1mbLvfdIDJAG861Ygd1q5-9BpkhkMGBVTDpbSVt9EDfT5IY3upJ7F__PFC0YSQbJYJjUbKyD2v2afUa3tb_rV8Md2KE2JVbr31l9OPwIivbPDxkLKyDGEgttV2LbxCCf3pZdeTdg4G5WQtcoxNcTPpruw88NA7aTOFZWoycmOOmNHCh1gbzaLNRqDb3TNzCziSNibW4-ShBDjbIkkBh-znaM36VcYC_tE25Fgrtd0FWB-MGhCv1zg_Unjtt7hzFsWqR1DbOu9qcuT1CXgZqwcfMgO9Ym9-23wI2TgXw6wnkag7h6UnMNNraTk_I79o6ZLODMfWK9C098JoBh09dZkWwV62jLLg9Fehk1fLIuwDsMwrIY__pWxeZK_vAGZwSqyIh9QF4wqKnRs8QjqBJMFE9s0XLxswNJ7_LAYZoJ5FRVwR3g9NG-v4KmG13b8-d3hbeQMVus1AgXhbD70JLgW4fC4HQjzRB6WT8b3IXYiHYX0ho9f00-r9oA8juQtffJpd6e_LYZJy549sT_8oufqdILLrTuoccDu-YJL4n3cRZnxGMH2PYDEZmg0-DMJDnunfk0PBFu8HYivrIC52lugW9DqtAx8TFh_QUnS7ZKd3m_zumKHtFEPSJoiNqvccJI0VrWP61hYN91It3ohKLbS6ZP1TMI_GPAr_SwMsceZeT-cGojG_MHN_W2cQ8FLJQeh04rzUCEtvCr-0J_lePlkwfR6_bcTx8xQeAhGL8bPVdFvFRMRnsM1ILusRgaj8u0K5OX91OrM0pbKcUaBZy7gnixRlrJhb0_50x1jmdQrd8u9yBWvvlFsOEZVYST8CjqFk19jnvf-oCwzAwrBrPcVL3d_IfSkGbIjfMTz1CJaEV3ieo392FjzlABB-KIcFohLRT4Rb3kieJMY6m9KJT35BUNBRzWP_WBDiF5iu_9sUXEQzU4keFrXkI_mwKMSFBoTK7ushDu5VqxFQdiozCjDdry8d4JniMz7DmMg37_sUmlIFeLJf6yhQbOMdvpPxRZek7VAYJ_YcLIBVdAQRQwV63de2yhVxWYJ1QCtT1upTayePQ5Gl9FgSGLyjEHFr04S6wQcDgNGK8ylFg88cOak6ATK9kmU8RDSmBZ4W2uUJjuokM5xOfJy_Fatjc4tSapUpZRlUbQxcKO_5EzapoUoC5eiCcEIa2L2cxRryp0UyZE9-UPHv-1eyjzyGfpcNwEfgoIv6oi8N0m0XBwONSbgpakBsinQyJoNW8lgKd0bUxyT1zKwAHStxlaNbjUVuv2_7HKthyt8ElL4MN45Wig5sA2LbbFmpFuqN3AQPwrOGDdCLOKPb2aiaPCzWOmeC8hB7dIE8qmZwIueAiXcHdaYtF6Pb6rnew7Lvy_tZp4Druya8e-pp9xpnm1uGbmMqlLtDskVCYUJ3IwTh7DbAyBIZ2t305F2kK7cGqYJSebHig1Zg0XEzVyel524lwt7NQZ8cwNJ0n2aVSWFkx4S60G2Lj5K7bDWMZZT8L0J0VKKoealM9SoNZ5ugdLwVTaPryJ1zXhIj_MTl3eYA_GJ1ybmfhX2LMLq-pFmUeeJDCtxaOxcOr89C2uNi4PQrK10yrMg8BDvyxRQTe5kVqT0oSbWfoh94dujTdke6MCS-mmyCH0D4yICuYILl3NUL8zif1GE9IZkee15iQhdzSP862AOh6xPocNMFcUm1wfkPnN4GQQXpTs-DmVQ4Y3oABqK7UlELdDRPc_-a5gpRV4-PLp0Voz3EmYhjBDnKXMHdBtYBBzd2aPMDrdJ1pSm-joZyMIJzzeyAk81SRePm7fG-wBbfwDjgF078SLQg83jJ0A56B0haXZUpBdHKn7NyW0vpwXAdYMse3ahfCkcU0SZlpJh8uhgNb93w7kwaGPpD3ZcA9wq9aGnJNb9Hbw1i4egCAiVC98j835Qh9k5q26q7R1j_gCfOsyZfJyJCq_1-0z1Zq7nntKuun5OtwNb5R_wp68NwhtwlzxEFqFMZ2QOP5xtO1ExCkoSdNTZKd2m7DL2VJHlm4FpDUDXo5uf8DlGYQgtQne9-GiV2XrOvuRf9_hJpTzifgNWXhbY83t52n4zB6jV2HMLPALz1nhT1TpRs_QhzHnSI8DaniRH2S3yk2MAH9sETEfQ&cid=CAASEuRoZnNEHxPsyAtDHH6oeLhxaQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Frame ID: A688D024C87BBF36343B23DA884CF881
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/8247523/1641901381889/index.html
Frame ID: 0D5164A6A86B93B67ECABC1A75BAA144
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/9903731/1639473459339/300x600/300x600.html
Frame ID: 53C6FF6F01E50B39F3C7289B076A5066
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
Frame ID: B183E3EFBE69B833F08ED26B9A4601D7
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0C514AE882A2D8CFD932E0A7D0E8F41D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9E51E2758534CAB9BAD2E898104F1789
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4830309080732D4830B0C8E7412B56E1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: 9701C002A54670DD085538D4EB6B14A9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 77D5DD997472FB4C98037732E2F03AAD
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
Frame ID: 3298CEB5A45801E802BB590630528354
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3B5E0B77F712626EDEB0D759FD11C751
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DF2A4AEAE6B68C15017032BDFB39C0C6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.html
Frame ID: 95B68B936C0B1C868DB8F4CF911B8CE5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: DBD9EBDBDF463A632D4E927B3CD985B1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 45563EC2ACD7FE09D8B1349B5716E76B
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 2B59BCE9C90F8866CEB39025441E7FD1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5E7F98A8EDE445BB5D6DE5FFC3FCABF7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: FD7FBB6E0DF28A73DBF4CAE8E4FBE128
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 77ABF6BAFC5B5FAA3ED8F3682AEE60F3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4D2DA7D8498E3840F9ABB48B244A0F50
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E74D0A89CDAD0874BCB5C661BB8DC013
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E44410AD86130E792C4A258C9DF4DCCF
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 67765860E58158E79E7193CCCB83BE4E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: E375167375E2A462D9CBA8079F41D0C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AB581879A7DFD9FDB6E5A1B186647E01
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8A8C398542C2DA51D8549638F5D63FD0
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=382287608570983&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbeff7d93ff9d%26domain%3Dwww.farfeshplus.online%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.farfeshplus.online%252Ff378b3b32a76e08%26relation%3Dparent.parent&container_width=100&href=https%3A%2F%2Fwww.farfeshplus.online%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=50
Frame ID: B496D3FC2142F85782292FC35378E054
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: F1B5D97DE20B4C37C3069605B947F460
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: FA2B9A97768720D4DCB1F2D5FAD28DB4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9649C2A7E7B82D78509B1F6240BB3013
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A4BAA179F3EA2B205961F8AD93D6FE05
Requests: 2 HTTP requests in this frame

Frame: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B77CF0C9807C1A59162A3BFF07FD72C8
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPUjgIQw9WUAhj3kYabATAB&v=APEucNVgYndRprl2QAFUf1Yx8JSbQpzqsux3U7W92uvQ5DRo9Iz-Wz_AOaFyKGIdLr5pYQ8tZ8Ct5XayrvvRKXsRvTYxxaU5B3US9DmKZKBmi5VBcTdqVwtcOTN7-ra8KYax5ZAn_ekzaNV5ytBFihh96F4jleAT3GCSx8YWR6pWKMC9yDj657o
Frame ID: 9DA0AFA169411A12EF5883EE5AAB6798
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B8FD587D368D9D1F06892C210B6CD19E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 44D8B349EB34EF36DDFB8913E3FCFAFB
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.farfeshplus.online
Frame ID: D7DB002F5864F66B20E01183EC5E830E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Farfesh.com | موقع فرفش

Page URL History Show full URLs

  1. http://www.farfeshplus.com/ HTTP 302
    https://www.farfeshplus.com/ HTTP 301
    https://www.farfeshplus.online/ HTTP 301
    https://www.farfeshplus.online/FP45.asp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

628
Requests

90 %
HTTPS

34 %
IPv6

75
Domains

106
Subdomains

77
IPs

11
Countries

7570 kB
Transfer

17574 kB
Size

81
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.farfeshplus.com/ HTTP 302
    https://www.farfeshplus.com/ HTTP 301
    https://www.farfeshplus.online/ HTTP 301
    https://www.farfeshplus.online/FP45.asp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 224
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 234
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
Request Chain 235
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YeaO-dp9OUtgjeqPLoebGgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
Request Chain 236
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDLd-dbc5oht-CQkRrEDZyI&google_cver=1
Request Chain 237
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQxOTgxODIzNjc4NzkzMzcwNg%3D%3D
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPxS9VvqUP9pv7CV_HC1JkI&google_cver=1
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEA5X2ZqbwNNBfySFjnpriwc&google_cver=1
Request Chain 263
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d13c6ca0430f3af5
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
Request Chain 320
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YeaO-dp9OUtgjeqPLoebGgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDLd-dbc5oht-CQkRrEDZyI&google_cver=1
Request Chain 322
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQxOTgxODIzNjc4NzkzMzcwNg%3D%3D
Request Chain 326
  • https://t.myvisualiq.net/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=27011600&si=7079041&ci=164558803&pi=324858083&ad=516984875&advt=8247523&chnl=-7&vndr=115&sz=10125&u=$$23268776_14569750229_399922152$$&viq_did=&pt=i HTTP 302
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=27011600&si=7079041&ci=164558803&pi=324858083&ad=516984875&advt=8247523&chnl=-7&vndr=115&sz=10125&u=$$23268776_14569750229_399922152$$&viq_did=&pt=i
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPxS9VvqUP9pv7CV_HC1JkI&google_cver=1
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEA5X2ZqbwNNBfySFjnpriwc&google_cver=1
Request Chain 340
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAKzIAT6nFi8QE0ZelyDwkQ&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAKzIAT6nFi8QE0ZelyDwkQ&google_cver=1&__user_check__=1&sync_id=05a564ec-7845-11ec-8529-1a3233820306
Request Chain 341
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=058eb222-7845-11ec-bda5-13ae17dc0106 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDVhNTY0YjUtNzg0NS0xMWVjLTg1MjktMWEzMjMzODIwMzA2
Request Chain 386
  • https://fw.adsafeprotected.com/rfw/st/913323/59535428/4.js?adContainerId=brand_safety__Y7mYYDyHd2ux_AP6M22-AE&cbFunctionName=goog_wrapCb__Y7mYYDyHd2ux_AP6M22-AE&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.farfeshplus.online%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ed04b975-1387-be09-c711-eea4dfa77ae9,c:1DPjsE,sl:outOfView,em:true,fr:false,thd:1,mn:app03ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.41.40,am:sp,cc:0.14.0.0,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:sURrWeg+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1f1%7C1g1%7C1h11%7C1i11%7C1j1%7C1k*.913323-59535428%7C1k1%7C1l%7C1m,idMap:1k*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:33,oid:0552782c-7845-11ec-9330-0a6fa201f3de,v:19.8.280,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety__Y7mYYDyHd2ux_AP6M22-AE&cbFunctionName=goog_wrapCb__Y7mYYDyHd2ux_AP6M22-AE&true_pb=
Request Chain 390
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEPgzBwayeRWdFNMSygRVCy0&_origin=1&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEPgzBwayeRWdFNMSygRVCy0&_origin=1&google_cver=1&apid=UP05ab1ff6-7845-11ec-9b4c-0648c8367d06
Request Chain 391
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP05ab1ff6-7845-11ec-9b4c-0648c8367d06 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwNWFiMWZmNi03ODQ1LTExZWMtOWI0Yy0wNjQ4YzgzNjdkMDY%3D
Request Chain 392
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1CSlg4dUlWRTJ1R0ZGXzVzeTY5dm1QTUx2ZlcyaC5LZn5B
Request Chain 411
  • https://fw.adsafeprotected.com/rfw/st/919015/59742583/skeleton.js?ias_dspID=3&ias_campId=23268776&ias_pubId=pub-6266313190087173&ias_chanId=1&ias_placementId=14569750229&bidurl=https://www.farfeshplus.online/FP45.asp&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.farfeshplus.online%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6266313190087173%26output%3Dhtml%26h%3D90%26slotname%3D5788561387%26adk%3D2966895748%26adf%3D3388934107%26pi%3Dt.ma~as.5788561387%26w%3D728%26lmt%3D1642499837%26psa%3D0%26format%3D728x90%26url%3Dhttps%253A%252F%252Fwww.farfeshplus.online%252FFP45.asp%26flash%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1642499837157%26bpp%3D1%26bdt%3D618%26idt%3D478%26shv%3Dr20220112%26mjsv%3Dm202201100101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C300x250%252C120x600%252C300x250%252C120x600%252C160x600%252C300x600%252C760x280%26nras%3D1%26correlator%3D3444761792216%26frm%3D20%26pv%3D1%26ga_vid%3D321309147.1642499837%26ga_sid%3D1642499837%26ga_hid%3D2103662247%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D863%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44753740%252C31064017%252C31064124%26oid%3D2%26pvsid%3D1708355280932279%26pem%3D806%26tmod%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D7%26uci%3Da!7%26fsb%3D1%26xpc%3DOQC0fQNSPT%26p%3Dhttps%253A%2F%2Fwww.farfeshplus.online%26dtd%3D482&adsafe_type=d&adsafe_jsinfo=,id:eaba1760-563e-c9d1-4df5-9123dc4ce96a,c:1DPjwX,sl:outOfView,em:true,fr:false,thd:1,mn:app17ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:644,fm:sURrW8d+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b*.919015-59742583%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1e12%7C1f11%7C1g1%7C1h11%7C1i11%7C1i12%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1l%7C1m,idMap:1b*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:676,oid:0507da78-7845-11ec-b672-0289e6fd96ae,v:19.8.280,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 416
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 417
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 438
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJPwDpQ5QjfrXh-4n6Zh43X3TXBW__yWD0f6GGFRWZaM5qJSGVLt0rENCgWorhkqBM_yAIJ-yDzQARxzIR44Ml-iOfAtQ&google_gid=CAESEIGcPwLWeP0XaELMN-xWLnk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWVhTy13QUFBRDlqZEEtZw&google_push=AYg5qPJPwDpQ5QjfrXh-4n6Zh43X3TXBW__yWD0f6GGFRWZaM5qJSGVLt0rENCgWorhkqBM_yAIJ-yDzQARxzIR44Ml-iOfAtQ
Request Chain 439
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEMhLE4GC8O0Fn3h93KUd6CA&google_cver=1&google_push=AYg5qPIR0ffK0_EAUZEBlIXWJYUxKnoF7nrC0eaztXpLJxVJoHLMtbiyh_ur-CifF2GSXUjeypg3HaaM5RuiRm0LNgUvZJEiLA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIR0ffK0_EAUZEBlIXWJYUxKnoF7nrC0eaztXpLJxVJoHLMtbiyh_ur-CifF2GSXUjeypg3HaaM5RuiRm0LNgUvZJEiLA&google_hm=Q0FFU0VNaExFNEdDOE8wRm4zaDkzS1VkNkNB
Request Chain 440
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIhrod4BixJg26AemT_tDM8sMEghvk2EnC-mdr-uA4qSzNsbTQMSQSB4MBAVmJ_2mG_ItZyHID_9bdg7z2772WhcqbImQ&google_gid=CAESEKcdeDv_iDMCe4-C0GlP-Rs&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCP6dmo8GEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBJaHJvZDRCaXhKZzI2QWVtVF90RE04c01FZ2h2azJFbkMtbWRyLXVBNHFTek5zYlRRTVNRU0I0TUJBVm1KXzJtR19JdFp5SElEXzliZGc3ejI3NzJXaGNxYkltUQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMEpnSUUybld1M3M4Vm5GWWwwdkxiWFRtRGtPc1kxVDBFaW9kVHpDb0FRcw==&google_push
Request Chain 442
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPXOZfgzzdBQUxsDB253Ado&google_cver=1&google_push=AYg5qPIanvebw5UpX5bE0H9HfbKWgjP2xnAAhAF--sLo0eTfW_4Yr8AmLaZ0ejRkMFrvnDAm8CtjqSQoLzvzGbCWdSShVUOmpQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpVV0wtMVItTUZTNg==&google_push=AYg5qPIanvebw5UpX5bE0H9HfbKWgjP2xnAAhAF--sLo0eTfW_4Yr8AmLaZ0ejRkMFrvnDAm8CtjqSQoLzvzGbCWdSShVUOmpQ
Request Chain 443
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_cver=1&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w
Request Chain 447
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEGMGWDDYIWtpsmz2CYgJzz0&google_cver=1&google_push=AYg5qPIAKRxf8fcrRaAi7hQwHcsjxTfvw8nB2OxiOLglC2FAMKs6-1BbYTL1pTHY3-mizvaqMdFhaZy37GIHgrooLk89T115Q3Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIAKRxf8fcrRaAi7hQwHcsjxTfvw8nB2OxiOLglC2FAMKs6-1BbYTL1pTHY3-mizvaqMdFhaZy37GIHgrooLk89T115Q3Y&google_hm=Q0FFU0VHTUdXRERZSVd0cHNtejJDWWdKenow
Request Chain 450
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBbAZGgKv-P9g8269AeuZ4Q&google_cver=1&google_push=AYg5qPLIzYyi3_TAzDox7NEiYtv25jk2v2_vYM7loFOyY5JhNUzs5s-Iif43KfzxrPxOQZ9E1H83IzvHhfIr31pzjOxhj8kJxphR HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBbAZGgKv-P9g8269AeuZ4Q&google_cver=1&google_push=AYg5qPLIzYyi3_TAzDox7NEiYtv25jk2v2_vYM7loFOyY5JhNUzs5s-Iif43KfzxrPxOQZ9E1H83IzvHhfIr31pzjOxhj8kJxphR&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TKQ6QbcZRXq3VR1HiADyDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLIzYyi3_TAzDox7NEiYtv25jk2v2_vYM7loFOyY5JhNUzs5s-Iif43KfzxrPxOQZ9E1H83IzvHhfIr31pzjOxhj8kJxphR
Request Chain 451
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOEA0V3cFiqyV1gy2hORsjY&google_cver=1&google_push=AYg5qPJXinGZt1unjXkx7wJ9uQDv5wtUY8f8UkpYPz-Gv2WRoZiC96ZG3Bjh-h4sL1WxKWlugTXnsGzRTo2iyXQ0iTVGHGT88x-0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpVV0stTy1FTkpV&google_push=AYg5qPJXinGZt1unjXkx7wJ9uQDv5wtUY8f8UkpYPz-Gv2WRoZiC96ZG3Bjh-h4sL1WxKWlugTXnsGzRTo2iyXQ0iTVGHGT88x-0
Request Chain 452
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1
Request Chain 466
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEF04IK3CDrKmUI72RrHj6i0&google_cver=1&google_push=AYg5qPIycBGmrHK6XjlHmmN8dkjhrVaoXkdQMjBajjn63Lk9QPk76nOWO7AEnZz81t4YFWeZcIBpi-UQqIN9_fKxzPLvPrhA8Zez HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIycBGmrHK6XjlHmmN8dkjhrVaoXkdQMjBajjn63Lk9QPk76nOWO7AEnZz81t4YFWeZcIBpi-UQqIN9_fKxzPLvPrhA8Zez&google_hm=Q0FFU0VGMDRJSzNDRHJLbVVJNzJSckhqNmkw
Request Chain 468
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEGREic10rQWTbiwgARI_X8&google_cver=1&google_push=AYg5qPJue-T27qt9z43oQcx04WgI8ZWlUcTsS4aNHsdhgwAFEW7JxLWIuvyNomDcLv0xW3dWoV-tGDv7CY3T0EZ7SDVzLjGuczQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TKQ6QbcZRXq3VR1HiADyDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJue-T27qt9z43oQcx04WgI8ZWlUcTsS4aNHsdhgwAFEW7JxLWIuvyNomDcLv0xW3dWoV-tGDv7CY3T0EZ7SDVzLjGuczQ
Request Chain 469
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBS2DJUlXnDrrbAAtsRlCn8&google_cver=1&google_push=AYg5qPI4fiGN1KTm13N4JvCsbUYkl-uz2dSiIepsmjGmaUtguKGV_3_a5gh1EPNwmE2UxMonI6acDUgPD-S9HQPJmxg4UzZ22vw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpWMjYtVi03SDVM&google_push=AYg5qPI4fiGN1KTm13N4JvCsbUYkl-uz2dSiIepsmjGmaUtguKGV_3_a5gh1EPNwmE2UxMonI6acDUgPD-S9HQPJmxg4UzZ22vw
Request Chain 470
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1
Request Chain 471
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAIJRYzqh6H9ko34NgbrPvM&google_cver=1&google_push=AYg5qPIfisGlhmFw66ii80EYtFDJduZAbGyZd2AxL3hxqwZLKfgsxhrV_W2CY_OkUbsogsQookflzRFtN-au_uD60QbTc49MJw2NhQ HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIfisGlhmFw66ii80EYtFDJduZAbGyZd2AxL3hxqwZLKfgsxhrV_W2CY_OkUbsogsQookflzRFtN-au_uD60QbTc49MJw2NhQ&google_hm=
Request Chain 485
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHY7Q-eGeheyTJMz2geYsCA&google_cver=1&google_push=AYg5qPLZ4LE12N7YTLK-rlDfWiNc0os6hIIslw6lnklrWRDRmGWBgywBq_9_moOf68G2PQmwaonlLFhc8HqoBwQuoF2PSFWWNo60vw HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLZ4LE12N7YTLK-rlDfWiNc0os6hIIslw6lnklrWRDRmGWBgywBq_9_moOf68G2PQmwaonlLFhc8HqoBwQuoF2PSFWWNo60vw&google_hm=vz0NOQkH9cOOtIwTvAWwRA
Request Chain 486
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIfB2zMb0NLLegX1o2nAKgL9fexNtByU-oN_uCaKea4qNJrhDeDBpZhH8kjIk4SDKjVvm-ZM6ZIDmuHigizywoUuBIUMIetmw&google_gid=CAESEPPOI5nKlJ-NNJp7R5mVsxg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWVhTy13QUFCUlozb1Q3VQ&google_push=AYg5qPIfB2zMb0NLLegX1o2nAKgL9fexNtByU-oN_uCaKea4qNJrhDeDBpZhH8kjIk4SDKjVvm-ZM6ZIDmuHigizywoUuBIUMIetmw
Request Chain 488
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDmv7VPIxgC960rg_mG9zh8&google_cver=1&google_push=AYg5qPJOjulOFyT_aRXdVzsPjpePjtdx6i4vQzTb7jkTES98M30rgwkljAguXjzs9SZwv8N6FreEkf-NRoRj6EpUFdQB-oDwi7OyjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TKQ6QbcZRXq3VR1HiADyDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOjulOFyT_aRXdVzsPjpePjtdx6i4vQzTb7jkTES98M30rgwkljAguXjzs9SZwv8N6FreEkf-NRoRj6EpUFdQB-oDwi7OyjA
Request Chain 489
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA7hHeEAlxdgZ-umOkYiQrA&google_cver=1&google_push=AYg5qPIX3c0f_6-Cm1wKdJBG9Kd5rapTPDYLRMPhnaFzPpqAJwMGpYtcAq7uuGPPtf5pAv5Nqj2_n3duyL39X-jFGLK-4dZqLZpL4A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpWOUwtMTctNzA5Ng==&google_push=AYg5qPIX3c0f_6-Cm1wKdJBG9Kd5rapTPDYLRMPhnaFzPpqAJwMGpYtcAq7uuGPPtf5pAv5Nqj2_n3duyL39X-jFGLK-4dZqLZpL4A
Request Chain 490
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5
Request Chain 494
  • https://um.simpli.fi/gp_match?google_gid=CAESEKCyVs2VfyLnNvzQnngbAEc&google_cver=1&google_push=AYg5qPLFi6aNTtqBytXSto-mrWg3X3yTRrBOiplgaxhqgsXUKmCTVAIuzdGFsn3PMnMQQ01xseuc2WnOSXIxfQzyqumfHjUSQsx1tA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FD9A76CC83284410BC4C128ABD676C35&google_push=AYg5qPLFi6aNTtqBytXSto-mrWg3X3yTRrBOiplgaxhqgsXUKmCTVAIuzdGFsn3PMnMQQ01xseuc2WnOSXIxfQzyqumfHjUSQsx1tA
Request Chain 495
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPac-oTqOA9OWjDpXlcKlbU&google_cver=1&google_push=AYg5qPKdrUB_COMsV4btMWMjykM3bs9kZTpANbkD7ZIOJ_i7fAPnq4hwyE9ymta6373VwXsCbX-dV0HzLjwaFfabSJCf4kGPFVpNvQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKdrUB_COMsV4btMWMjykM3bs9kZTpANbkD7ZIOJ_i7fAPnq4hwyE9ymta6373VwXsCbX-dV0HzLjwaFfabSJCf4kGPFVpNvQ&google_hm=F3z88ayDRO6CNP3tVMos9tk
Request Chain 497
  • https://fksnk.com/cs/google?google_gid=CAESEN2nSgxuR1l_NOuj4JGpSAs&google_cver=1&google_push=AYg5qPLn5mI3VSWk6Iel_JAawQaSYUjV4smeXTa7C4YnPAOaEKX5HRZwZo5DDy0zSX6BNYzFNWzSCK2zeIaFln7DUdGId29Kuvx- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OTgwREVGNzVDRkM5N0UzMw==
Request Chain 499
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELdTBbwprFf9WRGIFkCRo58&google_cver=1&google_push=AYg5qPK7D72UNreNMAQV4S6V8rRPuuy8myfHrMk08FYBYwU343VsW7Wvp8_pE2AZkXeiUS5YUpquvJTIajFJI8IL0LRe_-EQyyQTcQ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPK7D72UNreNMAQV4S6V8rRPuuy8myfHrMk08FYBYwU343VsW7Wvp8_pE2AZkXeiUS5YUpquvJTIajFJI8IL0LRe_-EQyyQTcQ&google_gid=CAESELdTBbwprFf9WRGIFkCRo58 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM3ODg1Njg0ODMzMDcxMjcwNjA%3D&google_push=AYg5qPK7D72UNreNMAQV4S6V8rRPuuy8myfHrMk08FYBYwU343VsW7Wvp8_pE2AZkXeiUS5YUpquvJTIajFJI8IL0LRe_-EQyyQTcQ
Request Chain 502
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEEi1DZAa0JZSaVbsGOSYk48&google_cver=1&google_push=AYg5qPIo2Yo9UP6iqR55R78JMSZ7TW4T76CKLAQzJXvWNP5YO8Yh5l7enBV8KaUkc_MrNY54qXWsT36Xya0kDJge6262hADtK6gT HTTP 302
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEEi1DZAa0JZSaVbsGOSYk48&google_cver=1&google_push=AYg5qPIo2Yo9UP6iqR55R78JMSZ7TW4T76CKLAQzJXvWNP5YO8Yh5l7enBV8KaUkc_MrNY54qXWsT36Xya0kDJge6262hADtK6gT&bounced=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIo2Yo9UP6iqR55R78JMSZ7TW4T76CKLAQzJXvWNP5YO8Yh5l7enBV8KaUkc_MrNY54qXWsT36Xya0kDJge6262hADtK6gT&google_hm=ipZ1FWbN950AAikABlF-bJ6XiA%3D%3D
Request Chain 503
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDnVHg04u2Eih7tfARpDVeY&google_cver=1&google_push=AYg5qPK3wowc710JFd6UxaBcjnDCW_9-VPP9-csZeknDKWA1AGjgLqzJsoENOmfmkyFo5ZF0hALp9nHmlthDHs0wd0IejSzBeBN8 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDnVHg04u2Eih7tfARpDVeY&google_cver=1&google_push=AYg5qPK3wowc710JFd6UxaBcjnDCW_9-VPP9-csZeknDKWA1AGjgLqzJsoENOmfmkyFo5ZF0hALp9nHmlthDHs0wd0IejSzBeBN8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK3wowc710JFd6UxaBcjnDCW_9-VPP9-csZeknDKWA1AGjgLqzJsoENOmfmkyFo5ZF0hALp9nHmlthDHs0wd0IejSzBeBN8&google_hm=266Q4sywQayXHbL154Cn0w==
Request Chain 504
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMzzI7Nb2ttxJ4BvV7IUbNo&google_cver=1&google_push=AYg5qPJDevgYudWUlt2-zFVlpqzAeuxQTWFTsMesYu6WQkU51NpCfBCFMqeqoms7J54efy6cGQuYEk-lWktXO47WlYUpkxHIsaPN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJDevgYudWUlt2-zFVlpqzAeuxQTWFTsMesYu6WQkU51NpCfBCFMqeqoms7J54efy6cGQuYEk-lWktXO47WlYUpkxHIsaPN&google_hm=OTE5NjU2NDI1NzE3MzExNTA1Ng%3D%3D
Request Chain 506
  • https://match.360yield.com/match/ebda?google_gid=CAESEJWg8-oOUsM9SIZOStfj-d8&google_cver=1&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJWg8-oOUsM9SIZOStfj-d8&google_cver=1&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv
Request Chain 507
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESED1Czl0HWlq8nqbw8TeY-Jw&google_cver=1&google_push=AYg5qPICHY0-Il4WhiWbYyD0-Kgw1gd7ZV7r2n6_ng-_GX9Bpv7X69uYwex1YvF1UeG1FFWkrPYbJDgPvcuifplL95sb_5XQmW5YRg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00UDVOY0ZSRTJ1R2FBZ3JuVjk3WU0uREFQb0t0NlNqa35B&google_push=AYg5qPICHY0-Il4WhiWbYyD0-Kgw1gd7ZV7r2n6_ng-_GX9Bpv7X69uYwex1YvF1UeG1FFWkrPYbJDgPvcuifplL95sb_5XQmW5YRg
Request Chain 508
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESENdXQCeySo5dj-cwetr6ONc&google_cver=1&google_push=AYg5qPItjg_h9NbHmqU_UjQt5RX_gWUVd5VnJ73CVThCzFjfIfbYrX98USfdHEyWACfkttM5_6_Bru367beycW_kNE0250pzqNYY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YWJlZjdhNmQtZjEyOS00MjJmLTk5NjgtYjYyNjNkNWJiNWU4&google_push=AYg5qPItjg_h9NbHmqU_UjQt5RX_gWUVd5VnJ73CVThCzFjfIfbYrX98USfdHEyWACfkttM5_6_Bru367beycW_kNE0250pzqNYY
Request Chain 520
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECO-s5wdmKhUQbM-ol-j7XE&google_cver=1&google_push=AYg5qPK5RslyA9_s6CDsemwtlw5U1OFGdX-Q46oK3surqEYSN5GyPs368VAQhlqgfuwcfYd7its5bipzdSPhGsz_5i4TiuTh1w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY2NTg1OTQ3ODE2NTkxNzQwNg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECJlBhvfb75r00HEf74XFi0&google_cver=1
Request Chain 521
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMX2V2olY8OhgCDjsssqN6M&google_cver=1&google_push=AYg5qPKIh_gr-2sKxqGPMOlfeORLw5zlxvwCcZ8UFd1k9JCU0fuccegpwKPY8vZdY0UYBSGdVs2T72AgXuCEzau5xVVvxc2dwdk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKIh_gr-2sKxqGPMOlfeORLw5zlxvwCcZ8UFd1k9JCU0fuccegpwKPY8vZdY0UYBSGdVs2T72AgXuCEzau5xVVvxc2dwdk
Request Chain 522
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEEi1DZAa0JZSaVbsGOSYk48&google_cver=1&google_push=AYg5qPJTiVt0imEx0Kdr6O7PPkcVY7PpMInEtrEqTQGawgjNEHwRYm_RtQVtA1ilt1GGuzCSNUHGKzp6HUilZX2GtYJ6itdK0A HTTP 302
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEEi1DZAa0JZSaVbsGOSYk48&google_cver=1&google_push=AYg5qPJTiVt0imEx0Kdr6O7PPkcVY7PpMInEtrEqTQGawgjNEHwRYm_RtQVtA1ilt1GGuzCSNUHGKzp6HUilZX2GtYJ6itdK0A&bounced=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPJTiVt0imEx0Kdr6O7PPkcVY7PpMInEtrEqTQGawgjNEHwRYm_RtQVtA1ilt1GGuzCSNUHGKzp6HUilZX2GtYJ6itdK0A&google_hm=ipZ1FWbN950AAikABlF-bJ6XiA%3D%3D
Request Chain 523
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEBS4s_lKgtwcmhYp10ayZZY&google_cver=1&google_push=AYg5qPI5WRhtZ04WQ0Nc0hWQR8_EMlX1yJgGApUP50xGB-6utGp4_E0cCFMmxQifQCPnS9nk3i5lC1TGTBQnthDoVsWw6LMcGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPI5WRhtZ04WQ0Nc0hWQR8_EMlX1yJgGApUP50xGB-6utGp4_E0cCFMmxQifQCPnS9nk3i5lC1TGTBQnthDoVsWw6LMcGQ&google_hm=QV9CTlZ5UmUwV0JvaWZQYjJHY2c3dmc=
Request Chain 524
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELzrn0FmmdBm-h-kkULI2Co&google_cver=1&google_push=AYg5qPIJDEoaX5aj6TbCtp_ODS69wJED0aAqTxpUn-yJSXNjQtnkkM1j5_-_wzyrWHVN7HzopyPjF6SPcdc5qvO857JN-L0XZc8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f3ff4f30-b29a-42b2-b2eb-415d4d5ec4c7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIJDEoaX5aj6TbCtp_ODS69wJED0aAqTxpUn-yJSXNjQtnkkM1j5_-_wzyrWHVN7HzopyPjF6SPcdc5qvO857JN-L0XZc8%26google_hm%3DA_P_TzCymkKysutBXU1exMc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIJDEoaX5aj6TbCtp_ODS69wJED0aAqTxpUn-yJSXNjQtnkkM1j5_-_wzyrWHVN7HzopyPjF6SPcdc5qvO857JN-L0XZc8&google_hm=A_P_TzCymkKysutBXU1exMc
Request Chain 525
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGkTsNV0JDC1-KpBjpFwzac&google_cver=1&google_push=AYg5qPJxCn5Hcnt5xTsMBXH-HgY7qmNYgvIWnZrb2fWDRtBPQLJMWCbS5eGpUxHMqKgdNW-b16Wr7aPnShvLWtkgCC_RkhktLA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NTAxNDM5NjA5MjE1MzAwMFYxMA%3d%3d&mn_hm=Mjg1NTAxNDM5NjA5MjE1MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJxCn5Hcnt5xTsMBXH-HgY7qmNYgvIWnZrb2fWDRtBPQLJMWCbS5eGpUxHMqKgdNW-b16Wr7aPnShvLWtkgCC_RkhktLA&gdpr=&gdpr_consent=
Request Chain 574
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.farfeshplus.online/ROS?rnd=0.532819559271738&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&pbv=6.7.0-pre&ncb=1&vs=F&crs=windows-1256&fr=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&e_pubcid=21af23e7-1873-4ee7-99d9-83f365bb03dd HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/www.farfeshplus.online/ROS?ct=1&r=pbjs&rnd=0.532819559271738&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&pbv=6.7.0-pre&ncb=1&vs=F&crs=windows-1256&fr=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&e_pubcid=21af23e7-1873-4ee7-99d9-83f365bb03dd
Request Chain 612
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENZuzbXMw6bgYEbh0bB4QWo&google_cver=1
Request Chain 625
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJdbv-3tVAPXzjw7ASyadrc&google_cver=1&google_push=AYg5qPLYhfkPyvncV9yKf5oyrzxDDrYBW3vpQCDhGS1DCJPiyIVpe0m4KFSaEBoTosHWQHrPhDNvLKM-0YDDFwKmonz1Cxgt74U HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPLYhfkPyvncV9yKf5oyrzxDDrYBW3vpQCDhGS1DCJPiyIVpe0m4KFSaEBoTosHWQHrPhDNvLKM-0YDDFwKmonz1Cxgt74U&google_hm=hmHmjv_KZ9QonQa0xQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61E68EFFCA67D4289D06B4C5BLIS
Request Chain 634
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=farfeshplus.online&sn=ChromeSyncframe&so=0&topUrl=www.farfeshplus.online&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=4iiK0HxhVkdBelV5N2hJWWt1eDN4M1lVbFdBNWxuc2tsVG5tK0drMFVMVUJSTHU4K1lFcytmRzgzY05vOWdQZTFiNmMzVWRBcG53WTZEcVg1L0RXSll6M0NCTm9XdE81T2FZSC8rN1Y2dHJNNTAxRXZ4YUFrNUNjeHZjSEgwYjNubml4ZXBWNUpOaHFiQ0t4ZDNXd0lmZ2xEc2FJVHR1K0lwOHoranhKSlJxYjVyMTQ5Lytta1J1K3FEby9LUmgxdVo2bDc5MWtualdyaVpnSDhoVjRhVjAvR2V6Q095YzVXVXJKV0xZRjZVdXZ4eVpkSWFEeTBqZmtja2FsT3VZd0N4eEVsTVZUZTlTNmw4N2FrYmNDQ2M3SnBPZz09fA&cppv=2
Request Chain 637
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.farfeshplus.online%2F&domain=www.farfeshplus.online&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=mPBuVXxDZ1IzbWpDR09jRG5KZ1VxdDExdnJ4VFRXbTVLMXhMTXVjcVh2QmpkUk1JcEtJVGZTVjVtRVBFRHNUREp2WE5sTWZjQjhNVjVjMXk0N1N2RWtJc2hPcXZQdlRDT0N0SG9pWmRMeGJKMmMvZSs2OEpxS2pJdWR0NW1LQlFWQVZIRkdIQ3Q4OVFtcCttWXlhQUJjS1VsRVdyOTg1VXI4c1NjY3JRRDZQc2RnZzZ6N1grNVZiRk96TXlnZ3VnbzBqRHB5SHVLY2I5ZWt2bVV3RzNWV0lSMFRWbXpVUy8yM0pOUFhnaWk5KzVudEpTN0svcWF2TlRTRWZRTnBWbDNrc0h4LzZ0VkdkeG9CZDFkbmZzMmxFZjl4eWlRZGFRUDMzMnBWZFlwVmxjNXppQT18&cppv=2

628 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request FP45.asp
www.farfeshplus.online/
Redirect Chain
  • http://www.farfeshplus.com/
  • https://www.farfeshplus.com/
  • https://www.farfeshplus.online/
  • https://www.farfeshplus.online/FP45.asp
181 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
eb38fd5cfed2db747df531bac74ce8df6180c8bb165b4eda87c493d81983d3ba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
cache-control
max-age=300
X-Cacheable
YES
Content-Length
35991
Accept-Ranges
bytes
Date
Tue, 18 Jan 2022 09:57:15 GMT
Connection
keep-alive
X-Cache
HIT
age
0

Redirect headers

Content-Type
text/html
Location
https://www.farfeshplus.online/FP45.asp
cache-control
max-age=300
X-Cacheable
YES
Content-Length
186066
Accept-Ranges
bytes
Date
Tue, 18 Jan 2022 09:57:15 GMT
Connection
keep-alive
X-Cache
HIT
age
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3d63915de619799c1e90327bc337166fa793b0b81edd8643b5c9dd48e6522b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51973
x-xss-protection
0
server
cafe
etag
13500993387742032851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 09:57:15 GMT
up.js
live.demand.supply/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb90ab4573159ed4cc7aa7264546a68f93a2b9e2809b2090f38a8e84b13996a9

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FSNW5QYKNECAS27M5CJBXJEJ
date
Tue, 18 Jan 2022 09:57:15 GMT
content-encoding
br
cf-cache-status
HIT
age
963
cf-polished
origSize=3935
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"59de6717fa079a1bdca61971e7fc88e1-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
6cf6f543a8a53749-MXP
link
<https://live.demand.supply/impl.v14.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-0-0/d3d3LmZhcmZlc2hwbHVzLm9ubGluZS8=>; rel=preload; as=script
farfeshdyn.js
jscdn.greeter.me/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/farfeshdyn.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0df7b613c8bcdccbedf96d807423147482aefb96123d33b143d94612e409c5f4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Connection
Keep-Alive
Last-Modified
Sat, 06 Nov 2021 19:56:52 GMT
x-amz-request-id
tx0000000000000f9a142cf-0061e68ea4-25a411a1-fra1b
etag
"ddc7b08bec86058a6c4418cf1df0f873"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1642499835.dop210.ml1.t,1642499836.cds022.ml1.shn,1642499836.dop210.ml1.t,1642499836.cds012.ml1.c
Content-Type
text/javascript
Cache-Control
max-age=3512
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
9940
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
c58d6b461529fe14761217179c05d3ac5d287c0aa59560c4e618bbba33e97864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26979
x-xss-protection
0
server
sffe
etag
"1105 / 902 of 1000 / last-modified: 1642498739"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 18 Jan 2022 09:57:15 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 11:26:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19926
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Jan 2023 11:26:53 GMT
jquery.timers.js
www.farfeshplus.online/s.farfesh/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/js/jquery.timers.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
d93f4f764048996df486e96b2c68f15f4f3b1c110eaff398b681c15b43aa9772

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 12:21:24 GMT
age
0
ETag
"4eecc5f6783bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1311
jquery.autoScroller.js
www.farfeshplus.online/s.farfesh/js/ 		1 KB
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/js/jquery.autoScroller.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
3a4fc14180ae118f278fef24fed0c73cb65bb14049d68f0f43b7041090965aa8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 12:21:20 GMT
age
0
ETag
"aa3575f4783bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
655
NavigMenu.js
www.farfeshplus.online/general.files/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/general.files/js/NavigMenu.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
cce45bed757c6288dd85428e91a2bb91927ce0f1a6cec010ac9f5db184670a7e

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Oct 2017 19:18:36 GMT
age
0
ETag
"628f991fc41d31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2668
slick.js
www.farfeshplus.online/s.farfesh/js/ 		80 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/js/slick.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
aac9552f07e57bcbfa55fd1ecf3a698bfaf85fcba44fd1abeaf75e2ec9bc0caf

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 07:05:02 GMT
age
0
ETag
"55b6a2c44c3bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20028
jquery.min.js
www.farfeshplus.online/s.farfesh/js/ 		94 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/js/jquery.min.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 07:05:02 GMT
age
0
ETag
"4a7f43c44c3bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42874
bootstrap.min.js
www.farfeshplus.online/s.farfesh/js/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/js/bootstrap.min.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 07:05:01 GMT
age
0
ETag
"a0a9e6c34c3bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12955
CssClear1.css
www.farfeshplus.online/s.farfesh/Css/ 		74 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
a0bec107dc5e1169feb956927f5aa851ce5aa0231f38c0c99ac23cfe7c37a770

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Content-Encoding
gzip
Last-Modified
Sat, 08 Aug 2020 19:16:35 GMT
age
0
ETag
"4498996eb86dd61:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15905
fonts.css
www.farfeshplus.online/fontsNew/ 		1 KB
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/fontsNew/fonts.css
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
90acdec7799a0f5d492c728dace212a1a401dbcc19aa8ac89fb9af5e3fdb094c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 07:12:17 GMT
age
0
ETag
"2672a6c74d3bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
438
font-awesome.css
www.farfeshplus.online/fontsNew/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/fontsNew/font-awesome.css
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
813e08a0b6c28a3370c1b31ff8ca993a9655288f107b63425a898fe59fe4b806

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 07:25:01 GMT
age
0
ETag
"b9f94b8f4f3bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7581
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-192956646-1
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a77f5e8ead93d41e798ecc9111aad04e015b784a8cb7844284ab6e70d9ca67cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36529
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Jan 2022 09:57:16 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DNX5KLEBSB
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ceb701e729008b5a1681b8ec7fea428995f9899582071c22fec2557d35814896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62562
x-xss-protection
0
expires
Tue, 18 Jan 2022 09:57:16 GMT
jquery-latest.js
code.jquery.com/ 		276 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-latest.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:15 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:08 GMT
server
nginx
etag
"54499a48-4508e"
vary
Accept-Encoding
x-hw
1642499835.dop204.ml1.t,1642499835.cds224.ml1.hn,1642499835.cds215.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
83875
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c58d6b461529fe14761217179c05d3ac5d287c0aa59560c4e618bbba33e97864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26979
x-xss-protection
0
server
sffe
etag
"1105 / 843 of 1000 / last-modified: 1642498739"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 18 Jan 2022 09:57:16 GMT
recangelorange.png
www.farfeshplus.online/images/ 		1002 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/recangelorange.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
66bdbc6f334ad5094c875459d3a9b88c52f2f065759d45f0d5c8d0262d327ddf

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Last-Modified
Wed, 04 Oct 2017 17:12:10 GMT
age
0
ETag
"65ef4eea333dd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1002
spacer.gif
www.farfeshplus.online/images/ 		47 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/spacer.gif
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
414065eb8bccfeced9386a863dba180b1ab3153b18395b3bd4e855e0ee860f4e

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Last-Modified
Wed, 31 Mar 2021 10:07:53 GMT
age
0
ETag
"affecbb61526d71:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/gif
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47
b242267.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242267.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
4deb70016de6e591c7f8c17402ab50c1cb8ee5b3f2e02da1bb0fd90ba3189494

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Last-Modified
Tue, 18 Jan 2022 07:53:41 GMT
age
0
ETag
"942b7e8240cd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25425
backgroundF373x212.png
www.farfeshplus.online/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/backgroundF373x212.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
13b3d907e5f12196acef4a97be670c4c1f23b8167d03e85d25a8493f0311ee5b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Last-Modified
Sat, 25 Nov 2017 14:24:14 GMT
age
0
ETag
"2e262312f965d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8232
b242265.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242265.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
5d5c22d6cca0019a77dd48a97d30eed602726fdeaa50402286eb918133da5269

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Last-Modified
Tue, 18 Jan 2022 07:10:50 GMT
age
0
ETag
"aec23863acd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50160
ramadan2020.gif
www.farfeshplus.online/images/ 		183 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/ramadan2020.gif
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
2c4f0bcb699b110d5cb89f843d624dda1bc7a5af9e41d26d1b67259f152f7a17

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Fri, 30 Apr 2021 22:32:50 GMT
age
0
ETag
"1d8676c0103ed71:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/gif
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
187539
twittericon.png
www.farfeshplus.online/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/twittericon.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
9edd827965a6e1332c3aac5d7d0cc16269f4536a33817f25cb92703f5953c836

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 02 Oct 2017 06:57:13 GMT
age
0
ETag
"675912ad4b3bd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1362
242266.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242266.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
eee8c321f319b7b32e9fd853304905527c5edff02acd1528a4d7b5e9aa2c304d

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Tue, 18 Jan 2022 07:38:29 GMT
age
0
ETag
"ffddcc623ecd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15296
242264.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242264.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
a9efb9e3326654fe345c3bd11401a314ee5c9882d83ab0af9389a8e5323a2e67

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Tue, 18 Jan 2022 07:40:53 GMT
age
0
ETag
"cb90fcb83ecd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20181
242259.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242259.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
881318b50b31857584f265f26b56b224e9113357d438ef7ad68e62ec1d39374f

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 17:37:32 GMT
age
0
ETag
"4a5e32e8c8bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23801
242263.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242263.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
4816475814c327a6834f5100a712a2d605233c202443850a1387270c8dd9df43

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 22:22:35 GMT
age
0
ETag
"19e662baf0bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32869
b242262.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242262.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
021b10ec12fc199e0936ee3b640688b7cf444f343a3e33cfd1094934fbd02042

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 18:59:21 GMT
age
0
ETag
"805e6e56d4bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36834
b242261.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242261.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
0be9bbf0ac87ba87d67fed318b09ec4408501d7690ae34ec1256f738625025ab

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 18:41:54 GMT
age
0
ETag
"654132e6d1bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42405
b242260.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242260.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
0caeb305f0c5065571d643ac4b6982d1d9f09c00f45b9e333270a73ca63c6d9d

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 18:33:51 GMT
age
0
ETag
"1fa737c6d0bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33424
b242258.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242258.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
7cfab19e4ab0accce469e72412d8c36114eaedb97831e8067869bf4bf2720fb8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 16:13:42 GMT
age
0
ETag
"111c2932bdbd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31280
rightarrow15.png
www.farfeshplus.online/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/rightarrow15.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
dc9b9b710d984c7d3a1e6dfa70e03d31ce299040beb02b0ad6608d2eac9eda01

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 02 Oct 2017 06:56:46 GMT
age
0
ETag
"85e3b49c4b3bd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1244
1813.jpg
www.farfeshplus.online/ramadanimages/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/ramadanimages/1813.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
c4eb35e3dedcefb00cdeec4d928382ec2c202a86da1f3274e2bec7073f4de919

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sun, 09 Jan 2022 20:19:49 GMT
age
0
ETag
"f0dd940965d81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20150
1804.jpg
www.farfeshplus.online/ramadanimages/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/ramadanimages/1804.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
66e297666478a42641876d8bb516ab60b321373124fc1c0439222da446b245e7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Wed, 18 Aug 2021 20:09:18 GMT
age
0
ETag
"67d3ceec6c94d71:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22573
leftarrow15.png
www.farfeshplus.online/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/leftarrow15.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
984bf139d47c34ecb84a5ab9e3c9dacca8e4aa0217a73a2a5e4dece072eeebf8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 02 Oct 2017 06:56:24 GMT
age
0
ETag
"4bbbe48f4b3bd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1265
aaras.jpg
images.farfeshplus.online/singers_images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/singers_images/aaras.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.174 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
b24f23895469c10cb956b5b39e91a00ced96cf644b2071c8e075f1f3982edadf

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Wed, 04 Sep 2013 00:47:05 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5466
Expires
Tue, 25 Jan 2022 09:57:16 GMT
Haflat-Takharroj.jpg
images.farfeshplus.online/singers_images/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/singers_images/Haflat-Takharroj.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.174 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
27925065d33095653c2bc9040eb529f106f0eb6236263a15915ee3c75c33fb11

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Fri, 20 Feb 2015 17:56:32 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31311
Expires
Tue, 25 Jan 2022 09:57:16 GMT
Aayad-Milad.jpg
images.farfeshplus.online/singers_images/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/singers_images/Aayad-Milad.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.174 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
b2aacc8fcb4e2a4803c92e5697bff78f91193ff22c2072850b5ffc786cc4b6fa

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 21 Sep 2013 22:26:48 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34867
Expires
Tue, 25 Jan 2022 09:57:16 GMT
easter_s.jpg
images.farfeshplus.online/singers_images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/singers_images/easter_s.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.174 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
bb820666b483dac59f85def4ea49edac67954b4359b1183a5e6bd6ee031fa048

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 15 Mar 2008 23:31:10 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6514
Expires
Tue, 25 Jan 2022 09:57:16 GMT
mother-day_s.jpg
images.farfeshplus.online/singers_images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/singers_images/mother-day_s.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.174 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
6c4a0e0f904f05949387a622da12999ca9451e4fe248bc3cc33d611466f94981

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 15 Mar 2008 23:30:15 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5485
Expires
Tue, 25 Jan 2022 09:57:16 GMT
couple-valentines-day_s.jpg
images.farfeshplus.online/singers_images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/singers_images/couple-valentines-day_s.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.174 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
effad215e1d5940720e49f2653f1e7201330f9877b65293ae14fee6a90efe91b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Thu, 11 Feb 2010 17:11:55 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5822
Expires
Tue, 25 Jan 2022 09:57:16 GMT
b242257.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242257.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
f7363c13fce13f695220dd53da24faa5091ed845e683bffe775d4acc639d6df9

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 16:03:27 GMT
age
0
ETag
"9bde73c3bbbd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48300
b242256.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242256.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
8faaa0bd8a359200fb81f78b1e56852ddb70f27640479206a95dbee00d1c4cc8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 15:56:29 GMT
age
0
ETag
"af9d59cababd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28961
b242255.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242255.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
252436489d0d36c8f27388f7d3fd82be85f644a93f32c5eaa04fa372a09252bb

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 15:39:19 GMT
age
0
ETag
"c7858764b8bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31009
b242253.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242253.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
699ed434469e8797c3723af206749f89a7f46e714fdde74efd329b7d27f7f969

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 14:01:02 GMT
age
0
ETag
"ce3399a9aabd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34451
b242254.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242254.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
8154f84a10e1a5f21583b78b262763c36ed1f1ab1041461fc25f74d8fe6c99f1

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 14:52:32 GMT
age
0
ETag
"b6ec9bdbb1bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34974
b242252.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242252.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
46449fb91b592a9cda8ec7896ed14031883d0f40a6cfa413684ae28304a9053b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 13:41:28 GMT
age
0
ETag
"db2b9ceda7bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109974
b242251.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242251.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
d1ef159a3c7919706a816c72674ad02c22a367af94e73901eb6f591bc8cfd2ae

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 09:37:56 GMT
age
0
ETag
"fc1767e885bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45372
b242250.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/b242250.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
e2234da9376314bd908edebca14c05c0487e2db54235abdaacc5b7f9515a7162

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 09:29:44 GMT
age
0
ETag
"3473f2c284bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30647
borjakfarfesh.jpg
www.farfeshplus.online/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/borjakfarfesh.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
6a5154bc76054450e38b7c60d0137cb161b53b726bb696b0fbd356a63b26db8b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Fri, 13 Sep 2019 08:41:03 GMT
age
0
ETag
"f8b256fae6ad51:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3798
hapendtoday.jpg
www.farfeshplus.online/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/hapendtoday.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
7a9bd5e35a62f5749877795ff4430de2f4543e3a9bf60fc4368b1e34569226e4

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 02 Sep 2019 18:28:32 GMT
age
0
ETag
"72527439bc61d51:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5294
E-188034-20160711141624-1.jpg
images.farfeshplus.online/stories_images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farfeshplus.online/stories_images/E-188034-20160711141624-1.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.174 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
174.205.interhost.co.il
Software
nginx/0.7.65 /
Resource Hash
f83b839f6524bc7127a8cb06221e035e6c068a3e5dc53c76b19becab24f37232

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 11 Jul 2016 11:16:23 GMT
Server
nginx/0.7.65
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23148
Expires
Tue, 25 Jan 2022 09:57:16 GMT
news.png
www.farfeshplus.online/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/news.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
5c0454751b67d2cb1181486a5987ba0d3aecda39cca53bf51d23705fdb20c6bb

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 25 Nov 2017 18:19:16 GMT
age
0
ETag
"51c261e71966d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3319
242248.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242248.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
ed86f30660934bec16c81c41e25474ec7ddbb6a2255b27cb121c2b87370b8a5a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 09:14:36 GMT
age
0
ETag
"b17f6a682bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11898
242243.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242243.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
b481f4a23d62b818cf3746a4d93cbe88bcea3cbf4cba34fc284a23b657c3e0ae

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sun, 16 Jan 2022 20:10:12 GMT
age
0
ETag
"fea9921115bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16801
242240.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242240.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
385bf183c49c72e59b6b62de581a6584fe814abf7f5daf63576e25bd55fb6c09

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sun, 16 Jan 2022 12:10:45 GMT
age
0
ETag
"91cf4317d2ad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30870
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/ 		279 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14f4c963a73cf7a10e5fe33f0caa692070cebfe5ea58ea8e1448b2b6913b3cef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102650
x-xss-protection
0
server
cafe
etag
16359643451900794150
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 09:57:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/ Frame 88AB 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Tue, 18 Jan 2022 01:57:44 GMT
expires
Tue, 01 Feb 2022 01:57:44 GMT
cache-control
public, max-age=1209600
age
28771
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
entertainment.png
www.farfeshplus.online/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/entertainment.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
e4e51ad380478c9873d5ea61348986d0874c2cbe4406fd46b43b0f107f5150b9

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 25 Nov 2017 18:19:16 GMT
age
0
ETag
"6fdb55e71966d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3387
242247.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242247.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
ae81bba4a601383cc83ebb5b97fd3a5aa2e6916f2470cd106d46e51edf6376a3

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 06:58:53 GMT
age
0
ETag
"84418db06fbd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24542
242245.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242245.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
c6e35365aaada99d091e66776c0273918b9aaa44ec7a0204de1ea0ab64034c0b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sun, 16 Jan 2022 20:49:23 GMT
age
0
ETag
"ec66ef8a1abd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25674
242242.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242242.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
871afd8d5c5f4581c90eb7ef7eb79ff7b6210cd3a78996782be0e589da682ec0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sun, 16 Jan 2022 19:53:27 GMT
age
0
ETag
"e93982ba12bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29785
world.png
www.farfeshplus.online/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/world.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
6cb13cab2b0f024fef0f4604fc58761383645dce17a443b16a37b151f8eb9b95

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 25 Nov 2017 18:19:16 GMT
age
0
ETag
"309e5ae71966d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3791
242249.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242249.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
99c026411e53cdfc3db357c45c4fec902c3c03d4af9feb36965090b42d3cc403

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 17 Jan 2022 09:25:51 GMT
age
0
ETag
"41565d3884bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34360
242246.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242246.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
2e0443a7e7ea5ebd4d76f314449485fa0514629fe7f82af6978178ded9946fdc

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sun, 16 Jan 2022 21:02:24 GMT
age
0
ETag
"615e6b5c1cbd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29711
242229.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242229.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
565222ab9fc79b51b743f6ca00c2aeb34816cf9d61795797baf40297a060f269

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 15 Jan 2022 20:22:28 GMT
age
0
ETag
"18f6aa9d4dad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33394
health.png
www.farfeshplus.online/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/health.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
f5b92ca86bc0cbf1aed51d9dc96f80eaa2eccfec08083c8f316ae643f0c13a95

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 25 Nov 2017 18:19:16 GMT
age
0
ETag
"f0605fe71966d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3495
242235.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242235.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
ef845b10315a6f2250ef0056cd0bea9b4f044673b6807456731ae25ae84cea4d

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sun, 16 Jan 2022 08:09:10 GMT
age
0
ETag
"8db66e57b0ad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24237
242225.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242225.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
dfaf3a28db4a56b9cdb47dd0207869e71f5f16ef55f6bf7c4b950bd964efe1ad

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 15 Jan 2022 19:11:37 GMT
age
0
ETag
"5c5653b843ad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44361
242226.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242226.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
4aee86878e086a5b8dccb4244af0536f33042fb6548718b82495645a6ac73185

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 15 Jan 2022 19:21:18 GMT
age
0
ETag
"d3b701245ad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36380
women.png
www.farfeshplus.online/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/women.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
d9f5159bdce22970954434465e61b0bbcaaef31dd427d8d6baf1233b5575b5ee

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 25 Nov 2017 18:19:16 GMT
age
0
ETag
"118566e71966d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/png
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4213
242244.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242244.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
342cc4e23d1403b6e3ab5bcadaca7d87380633edee71f9d90f7ecc453e091c58

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sun, 16 Jan 2022 20:21:21 GMT
age
0
ETag
"bded1ba016bd81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23414
242234.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242234.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
6f98af97ab538ebaab17fccbde794232b5042e8573004280172759c00ad17a8e

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sun, 16 Jan 2022 07:11:13 GMT
age
0
ETag
"7b10d53ea8ad81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22395
242208.jpg
www.farfeshplus.online/pic_server/articles_images/Out-image/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/pic_server/articles_images/Out-image/242208.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
afcefd979b86557dad008a31968440b63811f0a984e174fac363075e753e9735

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Fri, 14 Jan 2022 13:03:56 GMT
age
0
ETag
"e1127530479d81:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25331
impl.v14.0.0.js
live.demand.supply/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v14.0.0.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FKEFKNZGD9ZVC0KK5CB35266
date
Tue, 18 Jan 2022 09:57:15 GMT
content-encoding
br
cf-cache-status
HIT
age
1520899
cf-polished
origSize=79681
cf-ray
6cf6f5451c353749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"ce85a984a9876904f1c4ef475c2ab350-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
d3d3LmZhcmZlc2hwbHVzLm9ubGluZS8=
live.demand.supply/p4/v14-0-0/ 		954 B
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v14-0-0/d3d3LmZhcmZlc2hwbHVzLm9ubGluZS8=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9afc605ef0248073b332a3583d096ca17866d9dff1eaef4b532c49062f905926

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:15 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6cf6f5452c4d3749-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=285&cs=c&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FN1M30SHF2WQPN8YVPXMXTD0
date
Tue, 18 Jan 2022 09:57:15 GMT
cf-cache-status
HIT
age
13881
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cf6f54548563757-MXP
d3d3LmZhcmZlc2hwbHVzLm9ubGluZS9GUDQ1LmFzcA==
live.demand.supply/p4/v14-0-0/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v14-0-0/d3d3LmZhcmZlc2hwbHVzLm9ubGluZS9GUDQ1LmFzcA==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4362e8863812121758b54f3759e338a0bde5ff8a6ce818a267101d9c43c5ed9

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6cf6f546adbf5a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ds.2.html
live.demand.supply/ 		413 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FMYKP4Q432RRAV49NAVF43XX
date
Tue, 18 Jan 2022 09:57:15 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
10957
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
6cf6f54538553757-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
www.farfeshplus.online/s.farfesh/Css/ 		118 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/s.farfesh/Css/bootstrap.min.css
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2017 12:06:51 GMT
age
0
ETag
"af7da4ee763bd31:0"
X-Cacheable
YES
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27695
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-67.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
22952990
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
5TIp13WomLV_ZJBOQE-jg9BU_bwMWHPiGxrjIPJfy58OaCDQMduWmg==
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7273a28495a4bc6feaba27e5a03b6e5489a72620b3180a764fd3d3f6a9dc6781
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
RiS6xKRwTCVzq0zN43Ph9g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 18 Jan 2022 10:03:25 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
LLt4AxmaxGvl5H0912kdlbm9CyfqU1QXwtsJJCfzf+OiPFGrR2+KN1T6yi0p2gLXFi34Z/JFmA8AEwio9xxYuA==
x-fb-trip-id
2050670934
x-fb-content-md5
f26ad39fcec0caada2f64e5fbe7bb5e3
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 18 Jan 2022 09:57:16 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"85686b2a4c41d69a25fe61b017b79f21"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
farfeshplusmasterBR.jpg
www.farfeshplus.online/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/farfeshplusmasterBR.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
ac7b85c89057a31981b2af0d754be1b67ab4af30d0d0b99e3088ea38562e2f38

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:15 GMT
Last-Modified
Thu, 05 Oct 2017 06:29:33 GMT
age
0
ETag
"ca42b54ea33dd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3887
farfeshplasmasterlogo215x54.new.jpg
www.farfeshplus.online/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/farfeshplasmasterlogo215x54.new.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
8a4ff76232f9c5b9a8829282a44f96a88ad7c45f64ac597228805b1e8e6074ef

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 25 Nov 2017 14:02:31 GMT
age
0
ETag
"a910839f665d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8143
search1.jpg
www.farfeshplus.online/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/search1.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
fa40f4a8ee08b163e5c78cd66b81799e23cb9a95ee661c1218a11fc6f3d02431

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/s.farfesh/Css/CssClear1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Sat, 14 Oct 2017 15:06:45 GMT
age
0
ETag
"c9f9f7cfe44d31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1641
orang_back2.jpg
www.farfeshplus.online/images/ 		403 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.farfeshplus.online/images/orang_back2.jpg
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
e1ef7800360b198e12835c27f1b5c5f7c331f6110c9488266b9d3a138943f37b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/FP45.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 02 Oct 2017 06:56:39 GMT
age
0
ETag
"89f580984b3bd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
image/jpeg
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
403
thesansarabic-plain-webfont.woff2
www.farfeshplus.online/fontsNew/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/fontsNew/thesansarabic-plain-webfont.woff2
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/fontsNew/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash

Request headers

Referer
https://www.farfeshplus.online/fontsNew/fonts.css
Origin
https://www.farfeshplus.online
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
X-Cacheable
YES
age
0
X-Cache
HIT
Content-Type
text/html; charset=utf-8
cache-control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7355
pubads_impl_2022011002.js
securepubads.g.doubleclick.net/gpt/ 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121009
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Jan 2023 09:16:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		233 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.farfeshplus.online
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c360230e514279bc6deabf591a7ad22707d3821ca9a813f45731c2954c0f64da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
expires
Tue, 18 Jan 2022 09:57:16 GMT
cookie.js
partner.googleadservices.com/gampad/ 		222 B
420 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.farfeshplus.online&callback=_gfp_s_&client=ca-pub-1231661633440980
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
618ebcd125b549da2e07106c29e898b42017bff3c9664e7169647ad950e14b34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.it/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.it/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&tn=DIV&cls=plus_sulvo_160x600&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 403A 		291 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&adk=1812271804&adf=3025194257&lmt=1642499837&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837082&bpp=10&bdt=543&idt=204&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee5b9c1a8c9ac9363f1471448a43ace67091f63d91d7c3e2cb0a0706bbb7062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jan 2022 09:57:16 GMT
server
cafe
content-length
66620
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:16 GMT
cache-control
private
wrapper_hb_323303_12961.es6.js
player.adtelligent.com/prebidlink/456249/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/456249/wrapper_hb_323303_12961.es6.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/farfeshdyn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
e76eb54933180fb19b04705667782dd16c475c3f6a992dbaf9cfa3136ff0915d

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 11:37:12 GMT
server
nginx
etag
W/"61978c68-113d4"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 18 Jan 2022 10:57:16 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:81bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3353
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7068
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaToefW1hcCyLUTblX5bybE5nSD%2BdesqgOqz5bXuS%2B81cKBlIHQsuBZKhA6R8oyKmr%2Bi6IBZnQ71Hkzs2PZp6F8tKagCTV1Phe8SJ%2BsjJmziiH%2F8crjf%2B2oUv7CoB4hNxd7WBAQ%2Brd1FSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cf6f54bdbd53756-MXP
thesansarabic-plain-webfont.woff
www.farfeshplus.online/fontsNew/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/fontsNew/thesansarabic-plain-webfont.woff
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/fontsNew/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash

Request headers

Referer
https://www.farfeshplus.online/fontsNew/fonts.css
Origin
https://www.farfeshplus.online
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
X-Cacheable
YES
age
0
X-Cache
HIT
Content-Type
text/html; charset=utf-8
cache-control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7353
ads
googleads.g.doubleclick.net/pagead/ Frame 59DD 		69 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36d5b8b4e2559cb87d5df3c451a4e4d29e4591e4f5af48ffc49e12934a6f1ffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jan 2022 09:57:16 GMT
server
cafe
content-length
27737
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:16 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame DA29 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=600&slotname=7260452004&adk=1988084761&adf=854766408&pi=t.ma~as.7260452004&w=120&lmt=1642499837&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837093&bpp=2&bdt=553&idt=293&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=StHpO5pIwn&p=https%3A//www.farfeshplus.online&dtd=297
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4270b933a1c32d89e9b162b6d2127564fa98ab9d46bdcd67c0c7424d7f46a34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jan 2022 09:57:16 GMT
server
cafe
content-length
212
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:16 GMT
cache-control
private
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192956646-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3370
date
Tue, 18 Jan 2022 09:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 18 Jan 2022 11:01:06 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DNX5KLEBSB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192956646-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13eb588eaec75b2f262d8a9a759fdc3eecc6278aa22da71e9261475eba8e20a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62563
x-xss-protection
0
expires
Tue, 18 Jan 2022 09:57:16 GMT
collect
www.google-analytics.com/g/ 		0
176 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DNX5KLEBSB&gtm=2oe1c0&_p=2103662247&sr=1600x1200&ul=en-us&cid=321309147.1642499837&_s=1&dl=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&dt=Farfesh.com%20%7C%20%D9%85%D9%88%D9%82%D8%B9%20%D9%81%D8%B1%D9%81%D8%B4&sid=1642499837&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DNX5KLEBSB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0263 		82 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
540241053a5a54a861f421856a3f8ff0ba02f62caf95b8d2863b98ba1fccbf5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jan 2022 09:57:16 GMT
server
cafe
content-length
29305
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:16 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B852 		436 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=3827245123&adk=203976336&adf=54630664&pi=t.ma~as.3827245123&w=120&lmt=1642499837&psa=0&format=120x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837095&bpp=1&bdt=556&idt=337&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wKGiLfP3VT&p=https%3A//www.farfeshplus.online&dtd=341
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47daa94889ea5783bc3af536a7caf0b98bd9321c26bd0b21cde2ea1cef1846be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jan 2022 09:57:16 GMT
server
cafe
content-length
211
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:16 GMT
cache-control
private
sdb.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FQDSYWMJYYWZFTQ3JDYGKAQA
date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
10560
etag
W/"9bafda7cf8dec16f272df141e953a55a-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
6cf6f548fc6b5a07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
farfeshplus.online_728x90_sticky_display_bottom_new-sticky-right
live.demand.supply/cp/ 		26 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/farfeshplus.online_728x90_sticky_display_bottom_new-sticky-right?mlos=wi&mlbr=ch&mlla=en&mlbs=52&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5096784eed9338131cbece007f7d2b03efbd2eb411e59eaf783b2a28a0b2f8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6cf6f548f9213757-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26
farfeshplus.online_728x90_sticky_display_bottom_stiky-bottom
live.demand.supply/cp/ 		26 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/farfeshplus.online_728x90_sticky_display_bottom_stiky-bottom?mlos=wi&mlbr=ch&mlla=en&mlbs=52&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5096784eed9338131cbece007f7d2b03efbd2eb411e59eaf783b2a28a0b2f8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6cf6f548f9243757-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26
farfeshplus.online_fluid_lb_farfesh728x90
live.demand.supply/cp/ 		26 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/farfeshplus.online_fluid_lb_farfesh728x90?mlos=wi&mlbr=ch&mlla=en&mlbs=52&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5096784eed9338131cbece007f7d2b03efbd2eb411e59eaf783b2a28a0b2f8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6cf6f548f9253757-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26
all.js
connect.facebook.net/en_US/ 		285 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=0acc037d259e860421290c8fdd480610
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8ab03093bda2ecb8dab8d03a8f1709d03f8a658f45f76071c3356b551df6aa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.farfeshplus.online/
Origin
https://www.farfeshplus.online
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
wznaj1mSxvO/kNc1/SLgzg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82088
x-fb-rlafr
0
x-fb-debug
MG95EEziBKxtkWS7XEC+a24BJ+MzWb1Crz7UgcFmZybAVm85pgPTcKlWRiqVl+dz2uOLJZEgwfScejqNmkvU/Q==
x-fb-content-md5
b5dc9cbb0df3881ffd8fbc7d98e897f6
x-frame-options
DENY
date
Tue, 18 Jan 2022 09:57:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3736cda6658021a7d825732549ef3e18"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 18 Jan 2023 08:36:43 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Farfesh.com%20%7C%20%D9%85%D9%88%D9%82%D8%B9%20%D9%81%D8%B1%D9%81%D8%B4&time=1642499837465&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&random_number=13850450305&sess_cookie=cffe014117e6c9e8e1777eec7cf&sess_cookie_flag=1&user_cookie=cffe014117e6c9e8e1777eec7cf&user_cookie_flag=1&dynamic=true&domain=farfeshplus.online&account=FnJwi1aUS/00MS&jsv=20130128&user_lang=en-US
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-17.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 06:00:53 GMT
Via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
14183
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
0GHObowK4WKx3VbgaZqbuOqj3iNmZ-u5Nm3H5Apa5-Ah_pt3fnPIFA==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:bc:1200:78ca:598c:4091:a825 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
server
Server
ads
googleads.g.doubleclick.net/pagead/ Frame 45E8 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=8400035594&adk=833794805&adf=3132389021&pi=t.ma~as.8400035594&w=160&lmt=1642499837&psa=0&format=160x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837096&bpp=1&bdt=556&idt=371&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5G8e0EK2V6&p=https%3A//www.farfeshplus.online&dtd=384
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9557f56f3619f28850559dec8f9a05189b3d6f00f209f45be3de4d5f77dfeddc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jan 2022 09:57:16 GMT
server
cafe
content-length
212
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:16 GMT
cache-control
private
ads
securepubads.g.doubleclick.net/gampad/ 		194 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1708355280932279&correlator=732788536155484&output=ldjh&impl=fifs&eid=31061814%2C31063820%2C31063871&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=60345044%2CNew_Pirsom_Top%2CFarfeshplus_Disply_Adsense%2CFarfeshplus_Adsense_120x600%2CFarfeshplus_Adsense_160x600%2CFarfeshplus_Adsense_300x250%2CFarfeshplus_Adsense_300x600%2CFarfeshplus_Adsense_320x100%2CFarfeshplus_Adsense_320x50%2CFarfeshplus_Adsense_728x90%2CFarfeshplus_Adsense_970x250%2CFarfeshplus_Adsense_970x90%2CFarfeshplus_Adsense_Mobile_300x250%2CFarfeshplus_Adsense_Mobile_320x100%2CFarfeshplus_Adsense_Mobile_320x50%2CFarfeshplus_Adsense_1x1%2CFarfeshplus_Adsense_2x2&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2C%2F0%2F1%2F2%2F11%2C%2F0%2F1%2F2%2F12%2C%2F0%2F1%2F2%2F13%2C%2F0%2F1%2F2%2F14%2C%2F0%2F1%2F2%2F15%2C%2F0%2F1%2F2%2F16&prev_iu_szs=120x600%2C160x600%2C300x250%2C300x600%2C320x100%2C320x50%2C728x90%2C970x250%2C970x90%2C300x250%2C320x100%2C320x50%2C1x1%2C2x2&cookie_enabled=1&bc=31&abxe=1&lmt=1642499837&dt=1642499837555&dlt=1642499836540&idt=970&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=1526976730%2C1651502043%2C3656393900%2C4154195829%2C2147660256%2C3973651019%2C3130311824%2C2170074160%2C2951505691%2C1626958939%2C1572793433%2C287711858%2C897820444%2C3574112895&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=true&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
b6b3afd4f4b9c35753012b5563ef16922a6ae7d25590cc164d3519ee4bb54bd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31040
x-xss-protection
0
google-lineitem-id
-2,-1,-2,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-2,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		456 KB
60 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1708355280932279&correlator=732788536155484&output=ldjh&impl=fifs&eid=31061814%2C31063820%2C31063871&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=14363285%2Cfarfesh1%2Cfarfeshplus2%2Cfarfeshplus160x600%2Cfarfeshplus970%2Cplus1%2Cplusmobile1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F6&prev_iu_szs=728x90%2C336x280%2C160x600%2C970x90%2C300x600%2C300x250%2C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1642499837&dt=1642499837560&dlt=1642499836540&idt=970&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C1020%2C315%2C-9%2C-9%2C-9&adys=-9%2C-9%2C3424%2C6146%2C-9%2C-9%2C-9&adks=776271603%2C3322378304%2C2979733013%2C824285408%2C2632367365%2C110824952%2C3481022382&ucis=f%7Cg%7Ch%7Ci%7Cj%7Ck%7Cl&ifi=28&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C160x600%7C970x90%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C160x-1%7C970x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=true&fws=2%2C2%2C4%2C4%2C2%2C2%2C2&ohw=0%2C0%2C1600%2C1600%2C0%2C0%2C0&btvi=-1%7C-1%7C1%7C2%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
684a1b03dd8acea7f3800bf1238d5e0183c8060a60c4db2bb086317bf935e7df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61754
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		187 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1708355280932279&correlator=732788536155484&output=ldjh&impl=fifs&eid=31061814%2C31063820%2C31063871&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21806386006%2CPA_FP_TOP%2CFP.com&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=300x250%2C468x60%2C320x50%2C728x90%2C160x600%7C120x600%7C300x600%2C1x1%2C1x1&ists=1&cookie_enabled=1&bc=31&abxe=1&lmt=1642499837&dt=1642499837564&dlt=1642499836540&idt=970&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=2224618779%2C4108430986%2C2669165439%2C3470492618%2C14602686%2C1112794037%2C1112794038&ucis=m%7Cn%7Co%7Cp%7Cq%7Cr%7Cs&ifi=35&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=true&fws=2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
bdfa8fc670ea901a70e89fefe2353a557a8c0e75c281a347558015526e5563e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42264
x-xss-protection
0
google-lineitem-id
-2,-2,-1,-1,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-1,-1,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		116 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1708355280932279&correlator=732788536155484&output=ldjh&impl=fifs&eid=31061814%2C31063820%2C31063871&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21939239661%3A22477364305%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&cookie_enabled=1&bc=31&abxe=1&lmt=1642499837&dt=1642499837566&dlt=1642499836540&idt=970&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=2609283221&ucis=t&ifi=42&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
6445368957b4fd4503fa1b75e85ab626dc589032d5456139c98fcf19913d6197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31579
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 23B4 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 18 Jan 2022 09:57:16 GMT
expires
Wed, 18 Jan 2023 09:57:16 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2022011002.js
securepubads.g.doubleclick.net/gpt/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022011002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
5132d372cb173a8a03581054f07b694cf11fbdce25ca75e0b9676abeecd101f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 18:50:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12969
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 21:10:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 13 Jan 2023 18:50:07 GMT
thesansarabic-plain-webfont.ttf
www.farfeshplus.online/fontsNew/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.farfeshplus.online/fontsNew/thesansarabic-plain-webfont.ttf
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/fontsNew/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.18.205.182 Jerusalem, Israel, ASN61102 (INTERHOST, IL),
Reverse DNS
182.205.interhost.co.il
Software
/
Resource Hash
29284b45a7fc45684d9643d2da72c9010f383f7cb63a82c783913719b266e0d2

Request headers

Referer
https://www.farfeshplus.online/fontsNew/fonts.css
Origin
https://www.farfeshplus.online
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Last-Modified
Mon, 02 Oct 2017 07:12:27 GMT
age
0
ETag
"d5e299cd4d3bd31:0"
X-Cacheable
YES
X-Cache
HIT
Content-Type
application/octet-stream
cache-control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51232
ads
googleads.g.doubleclick.net/pagead/ Frame D251 		55 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1642499837&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837097&bpp=1&bdt=558&idt=496&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=spoXDkDko4&p=https%3A//www.farfeshplus.online&dtd=501
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe1f4cbef8809eee7f73028e9a4fadbad6099740842dee943c2fae27eee09852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jan 2022 09:57:17 GMT
server
cafe
content-length
26461
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:17 GMT
cache-control
private
integrator.js
adservice.google.it/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.it/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2975 		96 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6a1cf3b26935400970c16bb9eb2cc746c3cc73a702e53e4f1632e5508d5de53
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJTPsNqEu_UCFQbCdwodWGwEzQ&gqi=_I7mYfqWHcWClQey4aXwBg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJTPsNqEu_UCFQbCdwodWGwEzQ&gqi=_I7mYfqWHcWClQey4aXwBg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jan 2022 09:57:16 GMT
server
cafe
content-length
32853
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:16 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 0C38 		17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93b59e3083f08014a87cc98506a35aaa18ea78568dd127294c3c25ab4a971aaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jan 2022 09:57:16 GMT
server
cafe
content-length
9412
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:16 GMT
cache-control
private
e.js
live.demand.supply/x/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FMTVHVB9SGGBJQ6R0F1KD962
date
Tue, 18 Jan 2022 09:57:16 GMT
cf-cache-status
HIT
age
222737
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cf6f54a1c1b3757-MXP
ads
googleads.g.doubleclick.net/pagead/ Frame FBA2 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0eeb29a3c4344f0230f42cb86d58715f59f3ed6d9c93290ab567889a75e8188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jan 2022 09:57:16 GMT
server
cafe
content-length
9892
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:16 GMT
cache-control
private
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=382287608570983&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=0acc037d259e860421290c8fdd480610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
+c24jHMesvvu5u1sadvTQCCgb4juOGqtaHKwFWhGaxvwZHGEifo9yr14UWXXUsKKw80bM4pexk1yvfAsN3qjSw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Tue, 18 Jan 2022 09:57:16 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BC18 		96 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2944a9cc87b80c4ad8aaaa657319cdbc404bc52a99ed8b96bab556bbb6cadd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jan 2022 09:57:17 GMT
server
cafe
content-length
33869
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:17 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 9573 		21 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8255667795edb2bb27ff597ffec1ef9ff8dee1b2a27a5d4f616d2d5c9d6a8f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jan 2022 09:57:17 GMT
server
cafe
content-length
10296
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:17 GMT
cache-control
private
16738594392092802519
tpc.googlesyndication.com/simgad/ Frame 59DD 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16738594392092802519?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmFp6fu1vqIgsJVul5KvUoYJHoCyg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edd8c18fdeda20fa4a770ace77af7d67b08ca26ca1788558f30d3afc9a80ff5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 20:05:01 GMT
x-content-type-options
nosniff
age
481935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30570
x-xss-protection
0
last-modified
Sun, 31 Oct 2021 11:50:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Jan 2023 20:05:01 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 59DD 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 59DD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 59DD 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 59DD 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1513
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:32:03 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 59DD 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11395
x-xss-protection
0
server
cafe
etag
13428216562775282503
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:35:50 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 59DD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CAEEG_I7mYfK9EJ2JiM0P5P6imAOypv3VZqmT66XfDpKimoGJJxABIK2JgyZg_YKRhOgRoAHp3sySAsgBAqkCZYc6tIwesz6oAwHIA8kEqgT-AU_QCTdj5fIxnJbF1xyxjGGgN24aJ-XytHSd0zW5gTFXMDeWaaOpipr8DJVuwkROA0Vk96zK4_9FE-8jKv6QV9YAHZCvvDwjwxtjP8u3FeizGVupXNlWUgkr4sZp7L2wD0KW4zJ9IokesKs3FLt6iuona4XENnNasTOdhCdFVxPAlFe9TzNVr6sIeGp0INymrs5LKaFfaeBYkJ7rdsRdHvRIZfl0Yh3GFxZcuJSkGlYVemofD5wkVxtz42lzGs8CiTeTwtKNI80786XCosMxyRyamiVL-uVoLf25ZaQr3Cq7UHaraXDftDiRNHV5YLYEzfPP74TY5uW8I4uROprcwASspOPZ4QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH_6Cz7QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDitgLSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNjI2NjMxMzE5MDA4NzE3MxgA&sigh=20yd66ldasQ&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 18 Jan 2022 09:57:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 18 Jan 2022 09:57:16 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/reactive_library_fy2019.js?bust=31064017
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e385929e2dacf4f185f2a6d6655c51aab46d7762b9919743fdb0c59460982b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54129
x-xss-protection
0
server
cafe
etag
8369074459502766787
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jan 2022 09:57:16 GMT
css
fonts.googleapis.com/ Frame 0263 		4 KB
871 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 09:39:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 18 Jan 2022 09:57:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jan 2022 09:57:16 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 0263 		1 KB
955 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 0263 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 0263 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0263 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 0263 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
b08052bb948632636d2eb594b39baf17.js
www.gstatic.com/mysidia/ Frame 0263 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11476
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 08:34:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 15:07:41 GMT
e.js
live.demand.supply/e/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=farfeshplus.online_728x90_sticky_display_bottom_new-sticky-right&pdc=-1.189457893371582&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FN1M30SHF2WQPN8YVPXMXTD0
date
Tue, 18 Jan 2022 09:57:16 GMT
cf-cache-status
HIT
age
13882
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cf6f54bb80b3757-MXP
e.js
live.demand.supply/x/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=bb&r=farfeshplus.online_728x90_sticky_display_bottom_new-sticky-right&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FMTVHVB9SGGBJQ6R0F1KD962
date
Tue, 18 Jan 2022 09:57:16 GMT
cf-cache-status
HIT
age
222737
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cf6f54bb80f3757-MXP
downsize_200k_v1
tpc.googlesyndication.com/simgad/9058864365542269041/ Frame 0263 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9058864365542269041/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f33e058bad7eec4711a93716614b88bd8126b8316320108966e1561d1a1ad941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 12:45:45 GMT
x-content-type-options
nosniff
age
508291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6970
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 07:27:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Jan 2023 12:45:45 GMT
truncated
/ Frame 0263 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48aeb882805125c1e0ba6175b3406d70e4eee52f19a9b0f87235a621bd998fc8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.it/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.it/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1708355280932279&correlator=472427122491817&output=ldjh&impl=fifs&eid=31061814%2C31063820%2C31063871&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=44890869%3A14363285%2Cca-pub-3831894559014614-tag%2C65a3b8b5-a365-46ad-8624-299a2fe4d372&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&prev_scp=ti%3Da7e4857e-529a-44b4-a670-64e0af725a26%26bid-p%3Dgoogle%26bsc%3D52&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1642499837&dt=1642499837925&dlt=1642499836540&idt=970&frm=20&biw=1600&bih=1200&oid=2&adxs=1440&adys=300&adks=3124540693&ucis=u&ifi=43&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9bc336c091f378cd8d5a2433af885015c5f03b8283b2314ba6703de713bcd91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10277
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=farfeshplus.online_fluid_lb_farfesh728x90&pdc=-1.189457893371582&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FN1M30SHF2WQPN8YVPXMXTD0
date
Tue, 18 Jan 2022 09:57:16 GMT
cf-cache-status
HIT
age
13882
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cf6f54bd87d3757-MXP
adview
googleads.g.doubleclick.net/pagead/ Frame 0263 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CsyGD_I7mYY-dE6eL-cAP_8eV-AjezviHZ9OhoMecD8jL7LaFAhABIODi2VZg_YKRhOgRoAHZ6u2YA8gBCagDAcgDywSqBIMCT9BTYx6nnX9gTFEnuaOY362qmUV9e2Lr9baPFfiPxFhtW3G685ZWXuHuglsMDlbVLKtyn3H30RKE9U0zKmuqgGfGJj3_BXzX0dZ1yTn1Et1iHoG2v3Qizmb4reCfHzwYCq8FeGYPSnf8aWwMuPaZe2S4MVZ4TUB5rEDGbnzBWKB6FNXnqr9C95K-wPPeqG-8CaQ6K4xGNQM-aZVxUUH3rEkkOk7zAIiv5jN26qpHKKlb9ClIwsFH7zym-EHZeXlhzkJI98G_tKyAMXMhrI4R8ABVtG9wPyfm3SEJ8Ohan4zmesX8PDsTg6BwGkDjJ5qpz-6SoIHuG-V8gqVE9h-g2BWax8AE4Jegpb0DkgUECAQYAZIFBAgFGASgBi6AB4-VkmeoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCXuQPSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTgzNjc3NDk5NTY5MTcwMDYYAA&sigh=aEIWibwCXYo&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 18 Jan 2022 09:57:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1708355280932279&correlator=544454491857157&output=ldjh&impl=fifs&eid=31061814%2C31063820%2C31063871&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=44890869%3A14363285%2Cca-pub-3831894559014614-tag%2C4b2e8cb9-ac1e-4e6e-963c-477114f525dd&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=760x100&prev_scp=ti%3Da7e4857e-529a-44b4-a670-64e0af725a26%26bid-p%3Dgoogle%26bsc%3D52&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1642499837&dt=1642499837951&dlt=1642499836540&idt=970&frm=20&biw=1600&bih=1200&oid=2&adxs=420&adys=1897&adks=3968395854&ucis=v&ifi=44&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&vis=1&scr_x=0&scr_y=0&psz=760x-1&msz=760x-1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=true&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
f9676c052d48afbfc8e6e7e8c5031392a8e8a403e84e3574d8bdfab5b699ebb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11177
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=farfeshplus.online_728x90_sticky_display_bottom_stiky-bottom&pdc=-1.189457893371582&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FN1M30SHF2WQPN8YVPXMXTD0
date
Tue, 18 Jan 2022 09:57:16 GMT
cf-cache-status
HIT
age
13882
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cf6f54c08d03757-MXP
e.js
live.demand.supply/x/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=bb&r=farfeshplus.online_728x90_sticky_display_bottom_stiky-bottom&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FMTVHVB9SGGBJQ6R0F1KD962
date
Tue, 18 Jan 2022 09:57:16 GMT
cf-cache-status
HIT
age
222737
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cf6f54c08d33757-MXP
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1708355280932279&correlator=277240767383384&output=ldjh&impl=fifs&eid=31061814%2C31063820%2C31063871&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=44890869%3A14363285%2Cca-pub-3831894559014614-tag%2Ce9294a39-1084-45dd-ae29-dae3d9b8f655&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=ti%3Da7e4857e-529a-44b4-a670-64e0af725a26%26bid-p%3Dgoogle%26bsc%3D52&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1642499837&dt=1642499837962&dlt=1642499836540&idt=970&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=1254606430&ucis=w&ifi=45&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
b9297514caaa39a77283db64c751a9c85268fc06e51a082c10058f9b0cf3d2ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9713
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 49E0 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Tue, 18 Jan 2022 09:04:56 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
3140
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 59DD 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8b1c8f5f8eeb524adc3fe80ae5e0a87169907a2940cfcad7febd891faec673d

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/ Frame D85E 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Tue, 18 Jan 2022 03:33:39 GMT
expires
Tue, 01 Feb 2022 03:33:39 GMT
cache-control
public, max-age=1209600
age
23017
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/ Frame 2032 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Tue, 18 Jan 2022 03:33:39 GMT
expires
Tue, 01 Feb 2022 03:33:39 GMT
cache-control
public, max-age=1209600
age
23017
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hb_323303_12961.js
player.adtelligent.com/prebidlink/ex19010/ 		371 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456249/wrapper_hb_323303_12961.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
0875985f354cf3729f6fbbc5c3d16b5066655d5b96677c065232c05517b14293

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:16 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 18:45:07 GMT
server
nginx
etag
W/"61e5b933-5ca45"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 18 Jan 2022 10:57:16 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
container.html
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3942 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 09:57:16 GMT
expires
Wed, 18 Jan 2023 09:57:16 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0263 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5c90f78086301527a04b5596ea3c56b816d1173b97d3f646510df3d2bf9846e

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
ghb.adtelligent.com/geo/ 		139 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456249/wrapper_hb_323303_12961.es6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
ae306870188973eeb4b9ecaef7e901a5f49c6aa35e4ff2aa3c7a42187633b313

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.farfeshplus.online
Date
Tue, 18 Jan 2022 09:57:16 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
139
Content-Type
application/json
tracking
ghb.adtelligent.com/adunit/ 		43 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=323303&site_id=12961&full_page_url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&adid=jxzu6o.14&vpbv=N014&lifecycle_tte=2733
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456249/wrapper_hb_323303_12961.es6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.farfeshplus.online
Date
Tue, 18 Jan 2022 09:57:16 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2103662247&t=pageview&_s=1&dl=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&ul=en-us&de=windows-1256&dt=Farfesh.com%20%7C%20%D9%85%D9%88%D9%82%D8%B9%20%D9%81%D8%B1%D9%81%D8%B4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2098076153&gjid=998813225&cid=321309147.1642499837&tid=UA-192956646-1&_gid=1584411792.1642499838&_r=1&gtm=2ou1c0&z=1019054510
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0263 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:02:00 GMT
x-content-type-options
nosniff
age
590117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 14:02:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0263 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
332249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 13:39:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C38 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CnFljlzlA0jjBPlbAoYGU2sVEyRz5LueixF8KkPd0ESOG5R8Np-VA4xneAKGhQKEL9yCirbSXLPARjdx28HdzQ1wIsuJk31U3F36-wy6BH7EO47rE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 0C38 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0C38 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 0C38 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
container.html
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7B73 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 09:57:16 GMT
expires
Wed, 18 Jan 2023 09:57:16 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0&b=3&r=farfeshplus.online_fluid_lb_farfesh728x90&sy=d8e2c6c6-cfc1-48c3-ac9e-1c400643dda1&ts=52&cd=2&pud=285&pus=c&pue=1411&pid=36&pis=c&pie=1447&ppd=66&pps=a&ppe=1478&pad=140&pas=c&pae=1266&pcl=2215&ttc=2028&tti=2836&ttif=0&lca=1478&lcak=ppe&lct=1478&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.farfeshplus.online&mlre=undefined&mlin=0&mlsi=760x100&mlbw=4g&mlcs=NaN&mltp=a7e4857e-529a-44b4-a670-64e0af725a26&e=lm&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FN1M30SHF2WQPN8YVPXMXTD0
date
Tue, 18 Jan 2022 09:57:17 GMT
cf-cache-status
HIT
age
13883
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cf6f54e0d9f3757-MXP
pixel
googleads.g.doubleclick.net/xbbe/ Frame C643 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhDJqr3dAhjop9m-ATAB&v=APEucNVqiMlNqeioD9uY7F4EDjBxkLtRkP2EpcSdZS8cyrxlMXV-SXyBgbfan32L0vcls5ggkChd6Do3A1RSfAytZXmeshT18edVgMHBU32oaerBlYeIw9JCqMg-ECo5BPEi9ft7W63j3lPG-2pFLBYiHcgdpWX1WZZ29cYibOhtasIy5gQkj2U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 Jan 2022 09:57:17 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:17 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0C38 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCWcanhOcVnyrWGGy7kkcb2e25JaBovEg3MsyD1MZCjB7cehDfSWKqrC2BEQnvVHyK8XsS5W7GinN9c7ASeMNvwCEoV5r4M163ySvcZRic3FUyffJiqIXt2RH2QRVi-LdjPfYQ7YZJX_L2T6InAkWLf_GTDw&dbm_d=AKAmf-BXB9UkoMpQs-v9z4UX6rTQlOc45RYhyE-l0g0rN3xDWjtaLK4ta5A2WLsZ9hBxaQKmr1a41MVtTMACi0oJNKzEYiy73eW1ncVsXpmyyYcaOuKyzFRpbUzDg62mWTNf_3DV2bNsvc4j64h5719pE1EJm4-hJBAWPH25r_SmQ4O5Oo1aKwGEgXjnffR2rD9LftSXai79lGJ12cOkNNb-z-0o_FyBHTqRca5h77H2riONAerujBU5LGkhFvu27ZhkP1f0R9-1BVWkAtZordf7viFZiS70w9RPuwiJXGo4NaXN33aFpkIf2eXrM6zol8qFWgMd-xhCHAg5fRhunixjRaQyuz2TdFQ4zV41wYrUydUuyntspcmUebCtHG_fhVsoIxdeitfRmJ6L5SwrqHdpZP0KBBA2BazcBw73GkHw9tk6o19HNt3ImvtAzR7IqObm8g0ZxLeyAB2lDmn0Dm32gB1-PFWFRb0bri_fsnfeK5aFaAr1-I50n5A4ANGiHTPM1Z7QXjqw-lrKQ5lKFp-BTh3o9LnlQhfyMvinCa1oln3zW0zENqXwO924vHcw32w4HgLoS5omdROnfYLfa7bNPBHE5D0kx6iwOgb7oOuFH7M-_tUsjSULko-PGi9TTuq56IZ1ERnei9JEfeqNmHLv0hyVTDRtWaxGUgbKS9Z_fSuAWb4C4KhWAE3gQhyLVmOkk4LliJCdwez7dW2MPJUa4rB0_eGXU1oNHc0TpLXB9qSQksJpwQtPWnAzOwMuV9IjXhN7Hs-CiDUjVGzNAaE03gvQl5T4BdTZse0jzhP2VlsDySzywTxyCoeLo14Z-93d4rADY2rPKlefq4GRSGVQCT0vWTSZg4aCTlgtXV5Ffl2TIgi6CEdyPfoYX3lzRFi7mSldyVnR-oAPcdMt84ZOuySKh5yWk7odd0dXSue5jcTK-pTrGKpd-cE3OJ60g0Ilu0oKEgbbKgpR9Hv9wO1FZmzEvjhdahcJKyvqQPa9KagE_iml2lNOPgdiw7YQwgUbohb2sqZIdWVTnbkA0Xyxsnb3GCX_WTrmNhHIlJTsI0dbzs4TZwbo8FELOhPotyrPRLT07butLWnSQdi9cTFQa7NxZbJzzmdwCSpKMkhP4Eq1hNLyOfseD4WCJzqDdHNtSuY8VG0YcDWdFo7R62Jw099EEKcGRZz1Rfyo6MR6H-H7TH_UB9jx0X8QiOtT6Du9FawTUpQr8UeOS9f6LyVJ2CCWwTcalIzu_Zi6BoFB8vkYpQRbRPGRDmuGtV9pWJVJWJIEj-2wzEIXaIqu7uBnXNOp_IHQ747QfIOZe80EI7YhNMzcyTI0669SXzpunn6D_aSLbjG8DT3DycexgPjOzqgLrXh7_bN1Hs7DTg5OaRv2Wy81kfmu63pAU44TP03bnba33txhe8JmaQ6btn8GqQzBdX3spnXt10k9ZC7JjzYWqkq_FiX4SzhTJ8YJwVz_dZR7TUZc-ziAJ6FKIONrqwDFISlH42Z8Trm8F9vbAM7zxFXH99FprYKgRexX9ShPjznn4kJhgbvN8_tD7k8rPqtjbsmI1RW64HQ9GHO4vHAfxiokLFpMDy7ZYdpDdsg9yhGrVz3axTN2tVoR91TkanJP-O_Yn0H13RJPj4vYiDy5Aoma2vTA3FLXtWsDbyA0FAO4sTmXG_K12_DWqQw1jWkPTuKGeF4E1KIK8dLTrxnyjx1-4XziUBdN3kvG-I3zHT1Dq485iD4EOhbqy22VPWuk-DYbIXM2-w4L4Zq-vleNg5y4FyUhza3Npxc6Sm3ioOfpcwG4Y_JlCxI4aa2eZRRA4NaCg2nAggFP6W-FFH3-aLVXzeMgtbPfRms2RmVMWv8GEiQtBDn27W_hOxY4fZs7PtxWdT3A3-ZRVMEEGTC_gML-e5NTfHuohOcPaShXTinSruQiR9umWAU8HglfTDqicNvnL6B2co5K7IiDyUN9PakNDZtj-LlR5pRLRpo2cUDlhjm3trX989UR_F2FBKaGZFdaEVY3irdrm76GdwOUU7hiklTofK74BRzEV0_GRtMrhoWlu21BY186IjqavslLuOfpUa46PBGl85Ny5dyeu2pO0XYFoW1gCH0Gr5SD6HuSEBz7cqH-u7Mot-rCTr_qzKBPuAS2Lhz6lo40uEKnQviWG6CozLzuch8zgBRhkdDSCJphCxpzPoCaY1kXuP9wHzybZsw12_irMyOFyf2IJI7YwfcZms7vQDZLz9zjQj-CjcmLyBEyrAPDCFWBjDxnskbNJjpGANPYXuJ6W7om6EKKSdZbrv9zKSzthuR9CvweWf8skoWTiksf4kK_PGK4UMLyINsgWVe0Ru3R-WQOWOHhI_xQ5JzoatDsTU-5S4UJ2o1q3wXJRys8hdQ7RWEObQJxfqdoNz-km0ls9B-NWcp5czFNcSpQo8x4vTV-1G44ac8WhKgdTo8JkiSZrrdbs7_wQMobjd3FR4Qms4zcDwN8-VUHOC4N7VUC0dHX2TIpFSAysDXNHjnDib4cE6yOIQ0YeX__o404MMvaTz_6T86FEAMzWxpYS86yx-auf4yyUhyEeeTxlA7P7XcvK3twlgJx9h1TOi2_rbuEGOOLeYqijaZ2wqmf0ESLvaekPejpMVzMLS6RJXxyVn_kW-TOt3-V6EFO78s3VtnsbaLNncqCgLvYJOiKTlfmjVDT7-Ci3KpbynKg0SiMgN9GQluYyaroC4rqUBOsKt1TZTkXqd6SDP6B7C3EOuDEwbGm062iPUC-LPAo7VEaa8-Qwk2zgOHK07njYo0Jf3HkbwL7uX-oVlBmiCFhmxAV7p9Ro3OfigAX_Yv3K_3ehdgaLryXhcDhoLwc3BF0PlCqHGXkHgCGDPgJQaBi6B0OcqNh4BL1X6-Wki9VlI6-TlQZBBBUqX6BMdA3hWe5ptnoetFF1Yz-Q02AwDsH4APHjapZaSbb0D5DV12bMfXYeu_oR26VFkFlfV27qQGuwGd17ek6R4YpLMDfpy_I0C02ID6i3HxNdOYBOIknxiGE0swpxafL7pvQKo9U9EeEThnsAkBnIJF6uN0uIeFADDG3xGGOlLbv1rODIuHnL-mN7PXOQF8gzEt2OzSdsZqKBogKSpXaWDQm7ivwe3cJXdy6GTNLB0SQHUZ4NPpvLKY2uWa_gGAPOtYgcDxwayoZM7bb1jRtNanSByWIT3LvfI0f6poX674yfiHb&cid=CAASEuRoMtrCfz06edh5zWfBI085Kw&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63b3f5793de3e4f3d18a91472d737e2f1344c9e34a33972fd65ab77d1d06e9b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FBA2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8h09XidDWhhaflaof5tbj44emdr-Y48CWon5eJiVAfK30ctJngC363sZyFM7YQdEPlYqi6KtWCmaQ7jSagMZ8YFqjdRWcSvY3RtKailWgxyyPqFo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame FBA2 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=925113&advId=818662947&campId=15562801328&pubId=1&placementId=396633038&adsafe_par&bundleId=&dealId=&bidurl=https://www.farfeshplus.online/FP45.asp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.91.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-91-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2604c7d05696a4cd255d4826f1cc4bc582679189352836001c9cd041457029d2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-server-name
app20.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame FBA2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FBA2 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame FBA2 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
container.html
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8458 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 09:57:16 GMT
expires
Wed, 18 Jan 2023 09:57:16 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		834 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0&b=3&r=farfeshplus.online_728x90_sticky_display_bottom_stiky-bottom&sy=d8e2c6c6-cfc1-48c3-ac9e-1c400643dda1&ts=52&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.farfeshplus.online&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=a7e4857e-529a-44b4-a670-64e0af725a26&e=lm&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FN1M30SHF2WQPN8YVPXMXTD0
date
Tue, 18 Jan 2022 09:57:17 GMT
cf-cache-status
HIT
age
13883
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cf6f54e3e093757-MXP
config.json
player.adtelligent.com/exchange_rates/313490/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
457258926822413faa01d180f312a139fbfad483bac7091d633a6357c5a60c41

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 00:02:10 GMT
server
nginx
etag
W/"61e60382-2227"
content-type
application/json
access-control-allow-origin
https://www.farfeshplus.online
expires
Tue, 18 Jan 2022 10:57:17 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F9C5 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQo5yvhgMYzseQvQEwAQ&v=APEucNWAWLJUR5riBj2OUwJ9DZ0FO7anhxH1bejFQLyeq_j3dENesBaQotGM4SuNFIP9MO_aTCHq-yJCYvVG8mSJjwutGGWvXDee3y4BuGBZzq2MOw70VRr_39w9uHkseKKryt442VFKN19ld6vCmXpKmTYPH9XJQKbWQvdrVDG3b1NVe1YcpvA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 Jan 2022 09:57:17 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame FBA2 		79 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdzP6eIGSC9MaDtrdp7CjCkzKD0E9Xwl7XfxskSZAYjcklGJqtr9dq2sA4REUj-qJadH5zKEF-c2pOz0uJ8DdQf_KH6RdU_KBvb6zW4XE-f6kcDP0wD0Hylv_7yizvgwm3mNcJaHHjFOYEZNT7NP8srr5qpg&dbm_d=AKAmf-Cp16xIR3hQeTTu4Jtkxk9jKEUehcq1iiQ7KwjbAXno_zV3iqwbVk82uHYZPRAeS6p5jL97DJa9pUYDEUFYU5TZWHtr1YsYAXLrt9EeVQksgqcQKJhQsGNbf7f20cXKpj4JFs7ekD_RZ1-K_i55DWVB7jVGYzSKLuDlwkZ2tUUQ4FF6nzU5mbrvoyh9gibBWj_VwSxlJwYblctDCysFLEFHhl6EPqxdtIkCo8r87W95nfwxVmAQ6RhpsBmQY897PdxRYWp5G-IZ7aGLpNSHD9i-zE4Rz2RGaTbXQOsz_6cI2BjI4OzzUOCHK2pWfW7Ck-AhCE4Ai8LbWdcLceMBiXaTGyOEErHRGrVC2fzib25L_krGTS0pd7gNJ6pQ38_Wfue71O_gC0w1HKGjqsb05HFVAGnaZuylj2MPH7_YdD86wgMRWCGQ_YIa2pU9zfb1AwmVrzNs-h0hMnnw-VypkUJ_7G47ns6qgTy8DFrUhZlkSM50-snumuecIVRuVRkbpQfEe1NLl953CUC-Cm7BT7gLg5dQ1PGGyXco4kbgreVxJGf0V-N95jCdGlFgUjRbOV3fRxnG2su3NzMBnW0eD5wovSd3byemwzmNqdP7Tr6rIoG_PuJVkKEic-E5i9KzM-Gn88BnA9uPCu0vRI32hpgruL2ot4f3u2U5zbwbRTvYG-qEieW_biRgcy9ykxtrLYES6K_l3V0oeS8O9YjTO4VXyEGQzyhDRObzXuaUXC92gmbq-7oLRoa2OJe2AC679JEC0JdN2uHlZyOYb22eGFuAbVA9LvmECkswK0GY_uZQ3DoGlyhsvRevzGJ46vMZ0zqvOvX7dE3A8fK491hEE7JsDPEatd574_vAkGYZjuIBLJuBOsP3KgIoPtMmKdipgf-qEs46Dgz6IfoaHZsL8hAWuNujc0AbNuc77uNwuVPlXhhfo5Yc7ngD50HE1Y-izCJaRavFS9mzldsqMEJrS9-UFq7nLemux9kb6bveaW4VCJaBXZnAS_YkKz-m8jzekfZTTfnIKwAKFg1I3VI7urZ1kqRSqs2PQd5imQNQbMaZW9goyCqg7apUTzg2GjY1xlxuInEUS-GxG67qlfOAtb5vEgGKJRLn6WYRwQIdvidNabrs46H60Dc7sFN2OEM4z4GLWYndba6T8OLHK5Fl7B3T4fi77lIKYaTu-1mGGtQapiq7uR7nTbJmMkC9SPaEkjonS_Jwzkyv5UrkaYm2woJ1o93WgABatmwRH2C4u_gOQW0w8KBNxrf93WGx1Wdt5OpkumvbxTtD7Ypty70vKGCbdWp3zsyz4luSiNLJSnZfNfcPTS9YqYrEiDAbEYsaIFCjk-bAkvFGr2Xlebt_zLWHUI1ojFvmzYSiQ8NegonPNADnvQI4Ze8m3JGkRup6L7HBEmxasnECDTpeuY48MSIcd7dsUBqAa4xepa8M2LCAywtuaIs6af1flJSDCq4Jv23TJx51NWJ5rcNhw2BkdPq_Vcek1fdGZyetZV00YUUwVdqvAqrxobcpo_mj7fz4C0JnjobN60B6SukaNXZ9hvko_JItZGIqf5Nr43fRnHS233Fj1tfpt2VkWyioA5TTY-OcpCYuWiEl4-6UvobOHGeh97GH1oe28Jfxt__2yS2yTT36VJ8nPpjJFm7Z0-sc7WpGCJ4jPw1LoV04XuvRs-xx5b1tR75SdQAX-b-2FvjqxvlnnR8upRjH4hDfWp_vpj3_FNA9C2b2qYxyiH9DZUBg5IqK4zxFZUby09rJF36c6KwxPrxeJ-iKhd1IxYp2VWWvxYfj8XL5RRm97k3yvlZl0j6CMpZYVvm1guk3gtA06j1xIsnz30g1yJ4bN8kvSX1mSy-RvrdEXo1uvpwIDw8z9vKJ8WIDQkVYf2zJQpvEun2y9sDfOPjWRLatDxyoenjRVbgL-s6h30jtghxhFl_OPMYMczm-FIhzAom7ugwJFhSojoSmpLEWqUkwD6VgQrJsKhhnMRzc1EmyB7n_v6F2g6QAJw86wWUN0wvz8sYs4J9MzZjrSRtUTYBnZGBhuqIZ7JkazsbDnnqNh6vY_OHbplGjryqLXE-1jo7SlNCnUi-VNpKm5l2aBZtfU7dpTqaI0NP3NKJvqG9X-xO89db0ia7258EnhRQmSWMdP_mCUwXRE3qYUuWeFQhfQYSsfj-1iZ75bIpiOcOznkzKZdffQTimmFnFNPQsgSjSEtV0bSKSc5GuygDR2KFfvUPwPl1iqJRTW_dnfR7vQxG3k22Z2l7CL1rBafPBE9JvEW7CN-wUeD_dlRIhZ9QuaFNLAJC-z1xLoOME5Jzcjs3HUYru0X9jIX1ednVqHCse0JuISqe1T7kD41OarV8GtDDGCddFTaERukI5_GNvwVT3PHG9_3MzcDNiQLZwNcq7JFeCP-5lVkdUw-sXSyPo47iii7Jxm7IJ8B-pOohYAQ75adCMQvDVsODa2fOafOr4xsp6v8DMc12rwkxFeU7drmQhbW9TtpCCwmtzwMBe1i8wascKZ0f8_dE3zHcRvRtRCz2-P-vhBvZvF2Q9QxIcHxVrNKoDLEdRMmRJYbUIM1nMvP0iZLFfQgcpdMHibK4EaNUW2lL4_POjlP2GsIPFPCzccDejfPoilLNiRw_wTqI2IVcE1vkSd6Ivf8fS5GuirqEGK2tBrvy1xFGbPoALSX6yF_fJgjaCdtPMQyRMC3DwBx0EhZmeMZS6Wpp4-m_EQTpF9V7AWWszrqPad9Yk-Y5v3PElyk_yWWwK5fzgYTMKZmHcJ8u44FKOyWeD5_da1CjdUSNnR7PDM-s0j04y1TpLwz-t7BEORdmhdXsgMCHgJBNkEh7JzxDr0lP0hD89yJ8ysG_MD1hh1lgRj9Ju-hXJh8jyRHeJAWswzfUy9gxV0MvwqYHGylN2mZO5B_RYsEbllvy4c2MuowRhTh5swjMhbUW_Uaflpqzam6grAemm774tgxxtmm5W9Rnp2iC1iyTaX7CEiRkrSPDk2HvFaRpW2oX4mTf4KCkBTiT3ZBuYZ2_MzSWNbw7gzOwuvmXM4ZjR-ht07YKKb-nVMLochYpTvug0HRIARnUAShJ6XTqA_b1iOLnJCPOc8xfWEMIvHXUdD_V5xNLaLBKsfgxv6T4sZ7k-ak4tMVsD8QtcjC4WAIs6ZecYNZMjlPmOUir6UmIL4xbvodod1KY9YUh0pGt8f77k5aXZo5_Lj5nz0SO3AiDfR5WU7putcwqLiAfjrL3IhM7L8Qk&cid=CAASEuRoGLi-Qd4vQOG9fiNdMoTe0g&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2eb35d97f748830a2e6bc35a93799148e6162958a2c5c62671b8e3b2fba6b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31990
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E33 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 09:57:16 GMT
expires
Wed, 18 Jan 2023 09:57:16 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0&b=3&r=farfeshplus.online_728x90_sticky_display_bottom_new-sticky-right&sy=d8e2c6c6-cfc1-48c3-ac9e-1c400643dda1&ts=52&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.farfeshplus.online&mlre=undefined&mlin=0&mlsi=160x600&mlbw=4g&mlcs=NaN&mltp=a7e4857e-529a-44b4-a670-64e0af725a26&e=lm&dsReferer=aHR0cHM6Ly93d3cuZmFyZmVzaHBsdXMub25saW5lL0ZQNDUuYXNw
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FN1M30SHF2WQPN8YVPXMXTD0
date
Tue, 18 Jan 2022 09:57:17 GMT
cf-cache-status
HIT
age
13883
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6cf6f54e7ea73757-MXP
css2
fonts.googleapis.com/ Frame D85E 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 08:44:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 18 Jan 2022 09:57:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jan 2022 09:57:17 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D85E 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 22:34:48 GMT
x-content-type-options
nosniff
age
40949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 17 Jan 2023 22:34:48 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D85E 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 23:33:35 GMT
x-content-type-options
nosniff
age
37422
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 17 Jan 2023 23:33:35 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame D85E 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d49e447ea7189c83a39404fab2b4c9323ecf38b36c0b78996376f2c5d9125b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8089
x-xss-protection
0
server
cafe
etag
17106604058346595485
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:47:12 GMT
css
fonts.googleapis.com/ Frame 2032 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 08:46:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 18 Jan 2022 09:57:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jan 2022 09:57:17 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 2032 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 2032 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 2032 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2032 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 2032 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame 2032 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 19:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 18:31:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 19:23:34 GMT
ssrh.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2975 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 18:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57366
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30063
x-xss-protection
0
server
cafe
etag
16132151104434394549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 18 Jan 2022 18:01:11 GMT
css2
fonts.googleapis.com/ Frame 3942 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 08:54:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 18 Jan 2022 09:57:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jan 2022 09:57:17 GMT
css
fonts.googleapis.com/ Frame AF7C 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 09:33:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 18 Jan 2022 09:57:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jan 2022 09:57:17 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame AF7C 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame AF7C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame AF7C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AF7C 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame AF7C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
l
www.google.com/ads/measurement/ Frame AF7C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKa3PBZ-8ZNkDvbE9NBYBoDocomBPS30Hq53hgPJw9WlWF4GVGa9BHhCOPMke8Jq09_JGhxSZmuDMDiNNADnrXWxS1wA
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
b08052bb948632636d2eb594b39baf17.js
www.gstatic.com/mysidia/ Frame AF7C 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11476
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 08:34:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 15:07:41 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3942 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 22:34:48 GMT
x-content-type-options
nosniff
age
40949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 17 Jan 2023 22:34:48 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3942 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 23:33:35 GMT
x-content-type-options
nosniff
age
37422
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 17 Jan 2023 23:33:35 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame 3942 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d49e447ea7189c83a39404fab2b4c9323ecf38b36c0b78996376f2c5d9125b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8089
x-xss-protection
0
server
cafe
etag
17106604058346595485
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:47:12 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame D251 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1642499837&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837097&bpp=1&bdt=558&idt=496&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=spoXDkDko4&p=https%3A//www.farfeshplus.online&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b770f7ca4e0add0192ef0e6b3af06258a99453263ec73bb08d8f57bdcd2a138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2015
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13123
x-xss-protection
0
server
cafe
etag
1047769457888903897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:23:42 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame D251 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1642499837&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837097&bpp=1&bdt=558&idt=496&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=spoXDkDko4&p=https%3A//www.farfeshplus.online&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D251 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1642499837&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837097&bpp=1&bdt=558&idt=496&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=spoXDkDko4&p=https%3A//www.farfeshplus.online&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame D251 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1642499837&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837097&bpp=1&bdt=558&idt=496&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=spoXDkDko4&p=https%3A//www.farfeshplus.online&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame D251 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1642499837&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837097&bpp=1&bdt=558&idt=496&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=spoXDkDko4&p=https%3A//www.farfeshplus.online&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:00 GMT
csyncs
ghb.adtelligent.com/ 		441 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=688265&aid2=688266
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456249/wrapper_hb_323303_12961.es6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
69b0026d350ed5375d10fd19eba6b6a9953bde0b3c0ca2895dbef43c3047ae40

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:16 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.farfeshplus.online
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
283
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame 1E14 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=250&slotname=6076681977&adk=2278793534&adf=1225210277&pi=t.ma~as.6076681977&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837424&bpp=1&bdt=884&idt=1&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=4681&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&btvi=2&fsb=1&xpc=D5s87EYeoK&p=https%3A//www.farfeshplus.online&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 49E0
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 Jan 2022 09:57:17 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:17 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 Jan 2022 09:57:17 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame 5C5F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=250&slotname=2097210043&adk=239546933&adf=355767990&pi=t.ma~as.2097210043&w=300&lmt=1642499837&psa=0&format=300x250&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837372&bpp=3&bdt=832&idt=3&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3444761792216&frm=20&pv=2&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=569&ady=3946&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=xy9UMBP64u&p=https%3A//www.farfeshplus.online&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/919015/59742583/ Frame 0C38 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/919015/59742583/skeleton.js?ias_dspID=3&ias_campId=23268776&ias_pubId=pub-6266313190087173&ias_chanId=1&ias_placementId=14569750229&bidurl=https://www.farfeshplus.online/FP45.asp&ias_dealId=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.91.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-91-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
815ed75b1fd07d77dbbf39f705b0a8660e67aea1948118aec056a974230e869b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-server-name
app17.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 0C38 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 20:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 20:53:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame 0C38 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCWcanhOcVnyrWGGy7kkcb2e25JaBovEg3MsyD1MZCjB7cehDfSWKqrC2BEQnvVHyK8XsS5W7GinN9c7ASeMNvwCEoV5r4M163ySvcZRic3FUyffJiqIXt2RH2QRVi-LdjPfYQ7YZJX_L2T6InAkWLf_GTDw&dbm_d=AKAmf-BXB9UkoMpQs-v9z4UX6rTQlOc45RYhyE-l0g0rN3xDWjtaLK4ta5A2WLsZ9hBxaQKmr1a41MVtTMACi0oJNKzEYiy73eW1ncVsXpmyyYcaOuKyzFRpbUzDg62mWTNf_3DV2bNsvc4j64h5719pE1EJm4-hJBAWPH25r_SmQ4O5Oo1aKwGEgXjnffR2rD9LftSXai79lGJ12cOkNNb-z-0o_FyBHTqRca5h77H2riONAerujBU5LGkhFvu27ZhkP1f0R9-1BVWkAtZordf7viFZiS70w9RPuwiJXGo4NaXN33aFpkIf2eXrM6zol8qFWgMd-xhCHAg5fRhunixjRaQyuz2TdFQ4zV41wYrUydUuyntspcmUebCtHG_fhVsoIxdeitfRmJ6L5SwrqHdpZP0KBBA2BazcBw73GkHw9tk6o19HNt3ImvtAzR7IqObm8g0ZxLeyAB2lDmn0Dm32gB1-PFWFRb0bri_fsnfeK5aFaAr1-I50n5A4ANGiHTPM1Z7QXjqw-lrKQ5lKFp-BTh3o9LnlQhfyMvinCa1oln3zW0zENqXwO924vHcw32w4HgLoS5omdROnfYLfa7bNPBHE5D0kx6iwOgb7oOuFH7M-_tUsjSULko-PGi9TTuq56IZ1ERnei9JEfeqNmHLv0hyVTDRtWaxGUgbKS9Z_fSuAWb4C4KhWAE3gQhyLVmOkk4LliJCdwez7dW2MPJUa4rB0_eGXU1oNHc0TpLXB9qSQksJpwQtPWnAzOwMuV9IjXhN7Hs-CiDUjVGzNAaE03gvQl5T4BdTZse0jzhP2VlsDySzywTxyCoeLo14Z-93d4rADY2rPKlefq4GRSGVQCT0vWTSZg4aCTlgtXV5Ffl2TIgi6CEdyPfoYX3lzRFi7mSldyVnR-oAPcdMt84ZOuySKh5yWk7odd0dXSue5jcTK-pTrGKpd-cE3OJ60g0Ilu0oKEgbbKgpR9Hv9wO1FZmzEvjhdahcJKyvqQPa9KagE_iml2lNOPgdiw7YQwgUbohb2sqZIdWVTnbkA0Xyxsnb3GCX_WTrmNhHIlJTsI0dbzs4TZwbo8FELOhPotyrPRLT07butLWnSQdi9cTFQa7NxZbJzzmdwCSpKMkhP4Eq1hNLyOfseD4WCJzqDdHNtSuY8VG0YcDWdFo7R62Jw099EEKcGRZz1Rfyo6MR6H-H7TH_UB9jx0X8QiOtT6Du9FawTUpQr8UeOS9f6LyVJ2CCWwTcalIzu_Zi6BoFB8vkYpQRbRPGRDmuGtV9pWJVJWJIEj-2wzEIXaIqu7uBnXNOp_IHQ747QfIOZe80EI7YhNMzcyTI0669SXzpunn6D_aSLbjG8DT3DycexgPjOzqgLrXh7_bN1Hs7DTg5OaRv2Wy81kfmu63pAU44TP03bnba33txhe8JmaQ6btn8GqQzBdX3spnXt10k9ZC7JjzYWqkq_FiX4SzhTJ8YJwVz_dZR7TUZc-ziAJ6FKIONrqwDFISlH42Z8Trm8F9vbAM7zxFXH99FprYKgRexX9ShPjznn4kJhgbvN8_tD7k8rPqtjbsmI1RW64HQ9GHO4vHAfxiokLFpMDy7ZYdpDdsg9yhGrVz3axTN2tVoR91TkanJP-O_Yn0H13RJPj4vYiDy5Aoma2vTA3FLXtWsDbyA0FAO4sTmXG_K12_DWqQw1jWkPTuKGeF4E1KIK8dLTrxnyjx1-4XziUBdN3kvG-I3zHT1Dq485iD4EOhbqy22VPWuk-DYbIXM2-w4L4Zq-vleNg5y4FyUhza3Npxc6Sm3ioOfpcwG4Y_JlCxI4aa2eZRRA4NaCg2nAggFP6W-FFH3-aLVXzeMgtbPfRms2RmVMWv8GEiQtBDn27W_hOxY4fZs7PtxWdT3A3-ZRVMEEGTC_gML-e5NTfHuohOcPaShXTinSruQiR9umWAU8HglfTDqicNvnL6B2co5K7IiDyUN9PakNDZtj-LlR5pRLRpo2cUDlhjm3trX989UR_F2FBKaGZFdaEVY3irdrm76GdwOUU7hiklTofK74BRzEV0_GRtMrhoWlu21BY186IjqavslLuOfpUa46PBGl85Ny5dyeu2pO0XYFoW1gCH0Gr5SD6HuSEBz7cqH-u7Mot-rCTr_qzKBPuAS2Lhz6lo40uEKnQviWG6CozLzuch8zgBRhkdDSCJphCxpzPoCaY1kXuP9wHzybZsw12_irMyOFyf2IJI7YwfcZms7vQDZLz9zjQj-CjcmLyBEyrAPDCFWBjDxnskbNJjpGANPYXuJ6W7om6EKKSdZbrv9zKSzthuR9CvweWf8skoWTiksf4kK_PGK4UMLyINsgWVe0Ru3R-WQOWOHhI_xQ5JzoatDsTU-5S4UJ2o1q3wXJRys8hdQ7RWEObQJxfqdoNz-km0ls9B-NWcp5czFNcSpQo8x4vTV-1G44ac8WhKgdTo8JkiSZrrdbs7_wQMobjd3FR4Qms4zcDwN8-VUHOC4N7VUC0dHX2TIpFSAysDXNHjnDib4cE6yOIQ0YeX__o404MMvaTz_6T86FEAMzWxpYS86yx-auf4yyUhyEeeTxlA7P7XcvK3twlgJx9h1TOi2_rbuEGOOLeYqijaZ2wqmf0ESLvaekPejpMVzMLS6RJXxyVn_kW-TOt3-V6EFO78s3VtnsbaLNncqCgLvYJOiKTlfmjVDT7-Ci3KpbynKg0SiMgN9GQluYyaroC4rqUBOsKt1TZTkXqd6SDP6B7C3EOuDEwbGm062iPUC-LPAo7VEaa8-Qwk2zgOHK07njYo0Jf3HkbwL7uX-oVlBmiCFhmxAV7p9Ro3OfigAX_Yv3K_3ehdgaLryXhcDhoLwc3BF0PlCqHGXkHgCGDPgJQaBi6B0OcqNh4BL1X6-Wki9VlI6-TlQZBBBUqX6BMdA3hWe5ptnoetFF1Yz-Q02AwDsH4APHjapZaSbb0D5DV12bMfXYeu_oR26VFkFlfV27qQGuwGd17ek6R4YpLMDfpy_I0C02ID6i3HxNdOYBOIknxiGE0swpxafL7pvQKo9U9EeEThnsAkBnIJF6uN0uIeFADDG3xGGOlLbv1rODIuHnL-mN7PXOQF8gzEt2OzSdsZqKBogKSpXaWDQm7ivwe3cJXdy6GTNLB0SQHUZ4NPpvLKY2uWa_gGAPOtYgcDxwayoZM7bb1jRtNanSByWIT3LvfI0f6poX674yfiHb&cid=CAASEuRoMtrCfz06edh5zWfBI085Kw&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:36 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 0C38 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCWcanhOcVnyrWGGy7kkcb2e25JaBovEg3MsyD1MZCjB7cehDfSWKqrC2BEQnvVHyK8XsS5W7GinN9c7ASeMNvwCEoV5r4M163ySvcZRic3FUyffJiqIXt2RH2QRVi-LdjPfYQ7YZJX_L2T6InAkWLf_GTDw&dbm_d=AKAmf-BXB9UkoMpQs-v9z4UX6rTQlOc45RYhyE-l0g0rN3xDWjtaLK4ta5A2WLsZ9hBxaQKmr1a41MVtTMACi0oJNKzEYiy73eW1ncVsXpmyyYcaOuKyzFRpbUzDg62mWTNf_3DV2bNsvc4j64h5719pE1EJm4-hJBAWPH25r_SmQ4O5Oo1aKwGEgXjnffR2rD9LftSXai79lGJ12cOkNNb-z-0o_FyBHTqRca5h77H2riONAerujBU5LGkhFvu27ZhkP1f0R9-1BVWkAtZordf7viFZiS70w9RPuwiJXGo4NaXN33aFpkIf2eXrM6zol8qFWgMd-xhCHAg5fRhunixjRaQyuz2TdFQ4zV41wYrUydUuyntspcmUebCtHG_fhVsoIxdeitfRmJ6L5SwrqHdpZP0KBBA2BazcBw73GkHw9tk6o19HNt3ImvtAzR7IqObm8g0ZxLeyAB2lDmn0Dm32gB1-PFWFRb0bri_fsnfeK5aFaAr1-I50n5A4ANGiHTPM1Z7QXjqw-lrKQ5lKFp-BTh3o9LnlQhfyMvinCa1oln3zW0zENqXwO924vHcw32w4HgLoS5omdROnfYLfa7bNPBHE5D0kx6iwOgb7oOuFH7M-_tUsjSULko-PGi9TTuq56IZ1ERnei9JEfeqNmHLv0hyVTDRtWaxGUgbKS9Z_fSuAWb4C4KhWAE3gQhyLVmOkk4LliJCdwez7dW2MPJUa4rB0_eGXU1oNHc0TpLXB9qSQksJpwQtPWnAzOwMuV9IjXhN7Hs-CiDUjVGzNAaE03gvQl5T4BdTZse0jzhP2VlsDySzywTxyCoeLo14Z-93d4rADY2rPKlefq4GRSGVQCT0vWTSZg4aCTlgtXV5Ffl2TIgi6CEdyPfoYX3lzRFi7mSldyVnR-oAPcdMt84ZOuySKh5yWk7odd0dXSue5jcTK-pTrGKpd-cE3OJ60g0Ilu0oKEgbbKgpR9Hv9wO1FZmzEvjhdahcJKyvqQPa9KagE_iml2lNOPgdiw7YQwgUbohb2sqZIdWVTnbkA0Xyxsnb3GCX_WTrmNhHIlJTsI0dbzs4TZwbo8FELOhPotyrPRLT07butLWnSQdi9cTFQa7NxZbJzzmdwCSpKMkhP4Eq1hNLyOfseD4WCJzqDdHNtSuY8VG0YcDWdFo7R62Jw099EEKcGRZz1Rfyo6MR6H-H7TH_UB9jx0X8QiOtT6Du9FawTUpQr8UeOS9f6LyVJ2CCWwTcalIzu_Zi6BoFB8vkYpQRbRPGRDmuGtV9pWJVJWJIEj-2wzEIXaIqu7uBnXNOp_IHQ747QfIOZe80EI7YhNMzcyTI0669SXzpunn6D_aSLbjG8DT3DycexgPjOzqgLrXh7_bN1Hs7DTg5OaRv2Wy81kfmu63pAU44TP03bnba33txhe8JmaQ6btn8GqQzBdX3spnXt10k9ZC7JjzYWqkq_FiX4SzhTJ8YJwVz_dZR7TUZc-ziAJ6FKIONrqwDFISlH42Z8Trm8F9vbAM7zxFXH99FprYKgRexX9ShPjznn4kJhgbvN8_tD7k8rPqtjbsmI1RW64HQ9GHO4vHAfxiokLFpMDy7ZYdpDdsg9yhGrVz3axTN2tVoR91TkanJP-O_Yn0H13RJPj4vYiDy5Aoma2vTA3FLXtWsDbyA0FAO4sTmXG_K12_DWqQw1jWkPTuKGeF4E1KIK8dLTrxnyjx1-4XziUBdN3kvG-I3zHT1Dq485iD4EOhbqy22VPWuk-DYbIXM2-w4L4Zq-vleNg5y4FyUhza3Npxc6Sm3ioOfpcwG4Y_JlCxI4aa2eZRRA4NaCg2nAggFP6W-FFH3-aLVXzeMgtbPfRms2RmVMWv8GEiQtBDn27W_hOxY4fZs7PtxWdT3A3-ZRVMEEGTC_gML-e5NTfHuohOcPaShXTinSruQiR9umWAU8HglfTDqicNvnL6B2co5K7IiDyUN9PakNDZtj-LlR5pRLRpo2cUDlhjm3trX989UR_F2FBKaGZFdaEVY3irdrm76GdwOUU7hiklTofK74BRzEV0_GRtMrhoWlu21BY186IjqavslLuOfpUa46PBGl85Ny5dyeu2pO0XYFoW1gCH0Gr5SD6HuSEBz7cqH-u7Mot-rCTr_qzKBPuAS2Lhz6lo40uEKnQviWG6CozLzuch8zgBRhkdDSCJphCxpzPoCaY1kXuP9wHzybZsw12_irMyOFyf2IJI7YwfcZms7vQDZLz9zjQj-CjcmLyBEyrAPDCFWBjDxnskbNJjpGANPYXuJ6W7om6EKKSdZbrv9zKSzthuR9CvweWf8skoWTiksf4kK_PGK4UMLyINsgWVe0Ru3R-WQOWOHhI_xQ5JzoatDsTU-5S4UJ2o1q3wXJRys8hdQ7RWEObQJxfqdoNz-km0ls9B-NWcp5czFNcSpQo8x4vTV-1G44ac8WhKgdTo8JkiSZrrdbs7_wQMobjd3FR4Qms4zcDwN8-VUHOC4N7VUC0dHX2TIpFSAysDXNHjnDib4cE6yOIQ0YeX__o404MMvaTz_6T86FEAMzWxpYS86yx-auf4yyUhyEeeTxlA7P7XcvK3twlgJx9h1TOi2_rbuEGOOLeYqijaZ2wqmf0ESLvaekPejpMVzMLS6RJXxyVn_kW-TOt3-V6EFO78s3VtnsbaLNncqCgLvYJOiKTlfmjVDT7-Ci3KpbynKg0SiMgN9GQluYyaroC4rqUBOsKt1TZTkXqd6SDP6B7C3EOuDEwbGm062iPUC-LPAo7VEaa8-Qwk2zgOHK07njYo0Jf3HkbwL7uX-oVlBmiCFhmxAV7p9Ro3OfigAX_Yv3K_3ehdgaLryXhcDhoLwc3BF0PlCqHGXkHgCGDPgJQaBi6B0OcqNh4BL1X6-Wki9VlI6-TlQZBBBUqX6BMdA3hWe5ptnoetFF1Yz-Q02AwDsH4APHjapZaSbb0D5DV12bMfXYeu_oR26VFkFlfV27qQGuwGd17ek6R4YpLMDfpy_I0C02ID6i3HxNdOYBOIknxiGE0swpxafL7pvQKo9U9EeEThnsAkBnIJF6uN0uIeFADDG3xGGOlLbv1rODIuHnL-mN7PXOQF8gzEt2OzSdsZqKBogKSpXaWDQm7ivwe3cJXdy6GTNLB0SQHUZ4NPpvLKY2uWa_gGAPOtYgcDxwayoZM7bb1jRtNanSByWIT3LvfI0f6poX674yfiHb&cid=CAASEuRoMtrCfz06edh5zWfBI085Kw&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D251 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrb_vbRvnSOk_ifHHKBl6WRcIwVbCKFGr23WJzaN8E8y3pkrYAMq3GW9AyghyKr9VN55vXa9F3phCK22jj-A7aH9zFEEfN7Px7jNDb-HbBy6kR7yvlscYJ-GDRQ0dF1b6GvnlYTcXqAlOYjFbghqfEG5EqsGLln1ZRUaUob6K_lmBlSjcaxHhlNCF9JEUQ95YmznfMEXAlb2sqGx9g1SnYgixKO0_t2qwSy8ZgkB9MQ2E2eFY5b55ZCvUSONIJLuY_tWtkqILnrDIQeNI60bE3pHOgsX6UwPTSnhY0lBWgfBuWO_bgqh1EWXTxw-8E48TFrfmPL3sVh5F6Vib-o7s2sclBvlhfV4LMTAuB5IwHGB-x2q7TDQs70OTfnVpJ7QTi98svMWd7pyaZhpf8vZ0teaQedjk4j7yX8lFEpz_zBu2sQl0txhQ6c8JH2gGgbIy_gN0S0j4Vb8Ti02unEpuv7uwvTCSVWQlIE8uzoc_czxB2t7ck6AkCjAdk4gxfozdWBjWlNV7zuwrWHJrorQJNEPVb55pmVvKSrthmqTxW8_OiHMHaPgWpWyw5aBmTcNGpmpTkZWdBNMl5TblAlVKwGVi9Lqf6lOzhmhaVSQwy5EVyDMzwCFsmKunDKSWfycRZeiDW35AvQpyI6-gxXBFoKxnCMdP6DKO9vJs2tph4O_OrNoUzzXnZnR6ReumXkhM-hZOeNEj1NuounatXRSOsPsdJi7i8c4WRL2qlZB92gEaDD-lXfWCga3mPW6DcHkaaI6-YdSVzfB1X2FiPZD-guojmX7e2zlKZ2cWyBkDly-nAcz4oMmka_5y4Z6VuOXpVsUx0kkKATTAqNooupqzy7YL3OV088uaRQj8_aaKfpT9fc_s2Y9kNbYMv7n3DPB0fZZLGbl6tZlz4CO0MK11VxK7oRBULQH2up1dceu2dm-ZgIPeC0a7mi0oEN_8G4JjWypUeQ7L-cDqkOU6JiQfTDa4Y42COakJqtOMKM17WoVB45k4gw7FP5jAFDLjX_sQZA7oG5Qv1AhkPSQbKpleTR8H576imLmyz5v00a16IMhi1sduYZfovS4nRVs40NKfOPVpufsOg1ElCEAZAINXA4ov6xRft1Q&sai=AMfl-YSAJ91spASxKBOY_wqOD0bh7hfWxT8d7SiZHQUdesHZpv4rlAUEfFonJg&sig=Cg0ArKJSzF3w87EwJhonEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1642499837&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837097&bpp=1&bdt=558&idt=496&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=spoXDkDko4&p=https%3A//www.farfeshplus.online&dtd=501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 18 Jan 2022 09:57:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame D251 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1642499837&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837097&bpp=1&bdt=558&idt=496&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=spoXDkDko4&p=https%3A//www.farfeshplus.online&dtd=501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 20:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 20:53:10 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D251 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=600&slotname=2065248459&adk=1530395088&adf=1056458448&pi=t.ma~as.2065248459&w=300&lmt=1642499837&psa=0&format=300x600&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837097&bpp=1&bdt=558&idt=496&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=spoXDkDko4&p=https%3A//www.farfeshplus.online&dtd=501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Jan 2023 14:31:38 GMT
container.html
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 33A4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 09:57:16 GMT
expires
Wed, 18 Jan 2023 09:57:16 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
dsum-sec.casalemedia.com/ Frame C643
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhDJqr3dAhjop9m-ATAB&v=APEucNVqiMlNqeioD9uY7F4EDjBxkLtRkP2EpcSdZS8cyrxlMXV-SXyBgbfan32L0vcls5ggkChd6Do3A1RSfAytZXmeshT18edVgMHBU32oaerBlYeIw9JCqMg-ECo5BPEi9ft7W63j3lPG-2pFLBYiHcgdpWX1WZZ29cYibOhtasIy5gQkj2U
Protocol
HTTP/1.1
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 09:57:17 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C643
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YeaO-dp9OUtgjeqPLoebGgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhDJqr3dAhjop9m-ATAB&v=APEucNVqiMlNqeioD9uY7F4EDjBxkLtRkP2EpcSdZS8cyrxlMXV-SXyBgbfan32L0vcls5ggkChd6Do3A1RSfAytZXmeshT18edVgMHBU32oaerBlYeIw9JCqMg-ECo5BPEi9ft7W63j3lPG-2pFLBYiHcgdpWX1WZZ29cYibOhtasIy5gQkj2U
Protocol
HTTP/1.1
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 09:57:18 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C643
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDLd-dbc5oht-CQkRrEDZyI&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDLd-dbc5oht-CQkRrEDZyI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhDJqr3dAhjop9m-ATAB&v=APEucNVqiMlNqeioD9uY7F4EDjBxkLtRkP2EpcSdZS8cyrxlMXV-SXyBgbfan32L0vcls5ggkChd6Do3A1RSfAytZXmeshT18edVgMHBU32oaerBlYeIw9JCqMg-ECo5BPEi9ft7W63j3lPG-2pFLBYiHcgdpWX1WZZ29cYibOhtasIy5gQkj2U
Protocol
HTTP/1.1
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:17 GMT
X-Proxy-Origin
192.145.127.217; 192.145.127.217; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e817af5d-65b6-4b14-8407-b770f2ee9064
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDLd-dbc5oht-CQkRrEDZyI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C643
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQxOTgxODIzNjc4NzkzMzcwNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQxOTgxODIzNjc4NzkzMzcwNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhDJqr3dAhjop9m-ATAB&v=APEucNVqiMlNqeioD9uY7F4EDjBxkLtRkP2EpcSdZS8cyrxlMXV-SXyBgbfan32L0vcls5ggkChd6Do3A1RSfAytZXmeshT18edVgMHBU32oaerBlYeIw9JCqMg-ECo5BPEi9ft7W63j3lPG-2pFLBYiHcgdpWX1WZZ29cYibOhtasIy5gQkj2U
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:17 GMT
X-Proxy-Origin
192.145.127.217; 192.145.127.217; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
01fe3c29-2d02-4b0c-a655-42e3a9077699
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQxOTgxODIzNjc4NzkzMzcwNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
5929018931708618918_17154916781026283499.jpeg
static.doubleclick.net/dynamic/5/77970773/ Frame 2975 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/77970773/5929018931708618918_17154916781026283499.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c97af9cb064cb57627d2a2ca3ca22d933f29e9fd7e0a28837c196d2fafd26615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:08:09 GMT
x-content-type-options
nosniff
age
348548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67821
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 02:42:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Jan 2023 09:08:09 GMT
8162259828689033659_11935127729185142370.jpeg
static.doubleclick.net/dynamic/5/77970773/ Frame 2975 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/77970773/8162259828689033659_11935127729185142370.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0691a3d6a406d8f14c14387b0fd5bf921163a3dbeae61e7e83ad62248aa46371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:28:16 GMT
x-content-type-options
nosniff
age
347341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70659
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 02:41:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Jan 2023 09:28:16 GMT
8128719695558180995_9153958881400702861.jpeg
static.doubleclick.net/dynamic/5/77970773/ Frame 2975 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/77970773/8128719695558180995_9153958881400702861.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
416cb38e2040045349ac29b4bc162a17a28fa89ec4bc0f8ab59d2ef3ff29c580
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 20:34:31 GMT
x-content-type-options
nosniff
age
220966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49117
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 02:41:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Jan 2023 20:34:31 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 2975 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 2975 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2975 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 2975 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
l
www.google.com/ads/measurement/ Frame 2975 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTW2HuX0AhVLaVlmITfbVo_9Wq3TqfxMyo1hBy1AmWE-PIzqFpA9o5sGTiDMdHW9gn4q76BU1XvN2CSrnT0JHmasn7hbw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame FBA2 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 18:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57096
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 18:05:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame FBA2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdzP6eIGSC9MaDtrdp7CjCkzKD0E9Xwl7XfxskSZAYjcklGJqtr9dq2sA4REUj-qJadH5zKEF-c2pOz0uJ8DdQf_KH6RdU_KBvb6zW4XE-f6kcDP0wD0Hylv_7yizvgwm3mNcJaHHjFOYEZNT7NP8srr5qpg&dbm_d=AKAmf-Cp16xIR3hQeTTu4Jtkxk9jKEUehcq1iiQ7KwjbAXno_zV3iqwbVk82uHYZPRAeS6p5jL97DJa9pUYDEUFYU5TZWHtr1YsYAXLrt9EeVQksgqcQKJhQsGNbf7f20cXKpj4JFs7ekD_RZ1-K_i55DWVB7jVGYzSKLuDlwkZ2tUUQ4FF6nzU5mbrvoyh9gibBWj_VwSxlJwYblctDCysFLEFHhl6EPqxdtIkCo8r87W95nfwxVmAQ6RhpsBmQY897PdxRYWp5G-IZ7aGLpNSHD9i-zE4Rz2RGaTbXQOsz_6cI2BjI4OzzUOCHK2pWfW7Ck-AhCE4Ai8LbWdcLceMBiXaTGyOEErHRGrVC2fzib25L_krGTS0pd7gNJ6pQ38_Wfue71O_gC0w1HKGjqsb05HFVAGnaZuylj2MPH7_YdD86wgMRWCGQ_YIa2pU9zfb1AwmVrzNs-h0hMnnw-VypkUJ_7G47ns6qgTy8DFrUhZlkSM50-snumuecIVRuVRkbpQfEe1NLl953CUC-Cm7BT7gLg5dQ1PGGyXco4kbgreVxJGf0V-N95jCdGlFgUjRbOV3fRxnG2su3NzMBnW0eD5wovSd3byemwzmNqdP7Tr6rIoG_PuJVkKEic-E5i9KzM-Gn88BnA9uPCu0vRI32hpgruL2ot4f3u2U5zbwbRTvYG-qEieW_biRgcy9ykxtrLYES6K_l3V0oeS8O9YjTO4VXyEGQzyhDRObzXuaUXC92gmbq-7oLRoa2OJe2AC679JEC0JdN2uHlZyOYb22eGFuAbVA9LvmECkswK0GY_uZQ3DoGlyhsvRevzGJ46vMZ0zqvOvX7dE3A8fK491hEE7JsDPEatd574_vAkGYZjuIBLJuBOsP3KgIoPtMmKdipgf-qEs46Dgz6IfoaHZsL8hAWuNujc0AbNuc77uNwuVPlXhhfo5Yc7ngD50HE1Y-izCJaRavFS9mzldsqMEJrS9-UFq7nLemux9kb6bveaW4VCJaBXZnAS_YkKz-m8jzekfZTTfnIKwAKFg1I3VI7urZ1kqRSqs2PQd5imQNQbMaZW9goyCqg7apUTzg2GjY1xlxuInEUS-GxG67qlfOAtb5vEgGKJRLn6WYRwQIdvidNabrs46H60Dc7sFN2OEM4z4GLWYndba6T8OLHK5Fl7B3T4fi77lIKYaTu-1mGGtQapiq7uR7nTbJmMkC9SPaEkjonS_Jwzkyv5UrkaYm2woJ1o93WgABatmwRH2C4u_gOQW0w8KBNxrf93WGx1Wdt5OpkumvbxTtD7Ypty70vKGCbdWp3zsyz4luSiNLJSnZfNfcPTS9YqYrEiDAbEYsaIFCjk-bAkvFGr2Xlebt_zLWHUI1ojFvmzYSiQ8NegonPNADnvQI4Ze8m3JGkRup6L7HBEmxasnECDTpeuY48MSIcd7dsUBqAa4xepa8M2LCAywtuaIs6af1flJSDCq4Jv23TJx51NWJ5rcNhw2BkdPq_Vcek1fdGZyetZV00YUUwVdqvAqrxobcpo_mj7fz4C0JnjobN60B6SukaNXZ9hvko_JItZGIqf5Nr43fRnHS233Fj1tfpt2VkWyioA5TTY-OcpCYuWiEl4-6UvobOHGeh97GH1oe28Jfxt__2yS2yTT36VJ8nPpjJFm7Z0-sc7WpGCJ4jPw1LoV04XuvRs-xx5b1tR75SdQAX-b-2FvjqxvlnnR8upRjH4hDfWp_vpj3_FNA9C2b2qYxyiH9DZUBg5IqK4zxFZUby09rJF36c6KwxPrxeJ-iKhd1IxYp2VWWvxYfj8XL5RRm97k3yvlZl0j6CMpZYVvm1guk3gtA06j1xIsnz30g1yJ4bN8kvSX1mSy-RvrdEXo1uvpwIDw8z9vKJ8WIDQkVYf2zJQpvEun2y9sDfOPjWRLatDxyoenjRVbgL-s6h30jtghxhFl_OPMYMczm-FIhzAom7ugwJFhSojoSmpLEWqUkwD6VgQrJsKhhnMRzc1EmyB7n_v6F2g6QAJw86wWUN0wvz8sYs4J9MzZjrSRtUTYBnZGBhuqIZ7JkazsbDnnqNh6vY_OHbplGjryqLXE-1jo7SlNCnUi-VNpKm5l2aBZtfU7dpTqaI0NP3NKJvqG9X-xO89db0ia7258EnhRQmSWMdP_mCUwXRE3qYUuWeFQhfQYSsfj-1iZ75bIpiOcOznkzKZdffQTimmFnFNPQsgSjSEtV0bSKSc5GuygDR2KFfvUPwPl1iqJRTW_dnfR7vQxG3k22Z2l7CL1rBafPBE9JvEW7CN-wUeD_dlRIhZ9QuaFNLAJC-z1xLoOME5Jzcjs3HUYru0X9jIX1ednVqHCse0JuISqe1T7kD41OarV8GtDDGCddFTaERukI5_GNvwVT3PHG9_3MzcDNiQLZwNcq7JFeCP-5lVkdUw-sXSyPo47iii7Jxm7IJ8B-pOohYAQ75adCMQvDVsODa2fOafOr4xsp6v8DMc12rwkxFeU7drmQhbW9TtpCCwmtzwMBe1i8wascKZ0f8_dE3zHcRvRtRCz2-P-vhBvZvF2Q9QxIcHxVrNKoDLEdRMmRJYbUIM1nMvP0iZLFfQgcpdMHibK4EaNUW2lL4_POjlP2GsIPFPCzccDejfPoilLNiRw_wTqI2IVcE1vkSd6Ivf8fS5GuirqEGK2tBrvy1xFGbPoALSX6yF_fJgjaCdtPMQyRMC3DwBx0EhZmeMZS6Wpp4-m_EQTpF9V7AWWszrqPad9Yk-Y5v3PElyk_yWWwK5fzgYTMKZmHcJ8u44FKOyWeD5_da1CjdUSNnR7PDM-s0j04y1TpLwz-t7BEORdmhdXsgMCHgJBNkEh7JzxDr0lP0hD89yJ8ysG_MD1hh1lgRj9Ju-hXJh8jyRHeJAWswzfUy9gxV0MvwqYHGylN2mZO5B_RYsEbllvy4c2MuowRhTh5swjMhbUW_Uaflpqzam6grAemm774tgxxtmm5W9Rnp2iC1iyTaX7CEiRkrSPDk2HvFaRpW2oX4mTf4KCkBTiT3ZBuYZ2_MzSWNbw7gzOwuvmXM4ZjR-ht07YKKb-nVMLochYpTvug0HRIARnUAShJ6XTqA_b1iOLnJCPOc8xfWEMIvHXUdD_V5xNLaLBKsfgxv6T4sZ7k-ak4tMVsD8QtcjC4WAIs6ZecYNZMjlPmOUir6UmIL4xbvodod1KY9YUh0pGt8f77k5aXZo5_Lj5nz0SO3AiDfR5WU7putcwqLiAfjrL3IhM7L8Qk&cid=CAASEuRoGLi-Qd4vQOG9fiNdMoTe0g&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:36 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame FBA2 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdzP6eIGSC9MaDtrdp7CjCkzKD0E9Xwl7XfxskSZAYjcklGJqtr9dq2sA4REUj-qJadH5zKEF-c2pOz0uJ8DdQf_KH6RdU_KBvb6zW4XE-f6kcDP0wD0Hylv_7yizvgwm3mNcJaHHjFOYEZNT7NP8srr5qpg&dbm_d=AKAmf-Cp16xIR3hQeTTu4Jtkxk9jKEUehcq1iiQ7KwjbAXno_zV3iqwbVk82uHYZPRAeS6p5jL97DJa9pUYDEUFYU5TZWHtr1YsYAXLrt9EeVQksgqcQKJhQsGNbf7f20cXKpj4JFs7ekD_RZ1-K_i55DWVB7jVGYzSKLuDlwkZ2tUUQ4FF6nzU5mbrvoyh9gibBWj_VwSxlJwYblctDCysFLEFHhl6EPqxdtIkCo8r87W95nfwxVmAQ6RhpsBmQY897PdxRYWp5G-IZ7aGLpNSHD9i-zE4Rz2RGaTbXQOsz_6cI2BjI4OzzUOCHK2pWfW7Ck-AhCE4Ai8LbWdcLceMBiXaTGyOEErHRGrVC2fzib25L_krGTS0pd7gNJ6pQ38_Wfue71O_gC0w1HKGjqsb05HFVAGnaZuylj2MPH7_YdD86wgMRWCGQ_YIa2pU9zfb1AwmVrzNs-h0hMnnw-VypkUJ_7G47ns6qgTy8DFrUhZlkSM50-snumuecIVRuVRkbpQfEe1NLl953CUC-Cm7BT7gLg5dQ1PGGyXco4kbgreVxJGf0V-N95jCdGlFgUjRbOV3fRxnG2su3NzMBnW0eD5wovSd3byemwzmNqdP7Tr6rIoG_PuJVkKEic-E5i9KzM-Gn88BnA9uPCu0vRI32hpgruL2ot4f3u2U5zbwbRTvYG-qEieW_biRgcy9ykxtrLYES6K_l3V0oeS8O9YjTO4VXyEGQzyhDRObzXuaUXC92gmbq-7oLRoa2OJe2AC679JEC0JdN2uHlZyOYb22eGFuAbVA9LvmECkswK0GY_uZQ3DoGlyhsvRevzGJ46vMZ0zqvOvX7dE3A8fK491hEE7JsDPEatd574_vAkGYZjuIBLJuBOsP3KgIoPtMmKdipgf-qEs46Dgz6IfoaHZsL8hAWuNujc0AbNuc77uNwuVPlXhhfo5Yc7ngD50HE1Y-izCJaRavFS9mzldsqMEJrS9-UFq7nLemux9kb6bveaW4VCJaBXZnAS_YkKz-m8jzekfZTTfnIKwAKFg1I3VI7urZ1kqRSqs2PQd5imQNQbMaZW9goyCqg7apUTzg2GjY1xlxuInEUS-GxG67qlfOAtb5vEgGKJRLn6WYRwQIdvidNabrs46H60Dc7sFN2OEM4z4GLWYndba6T8OLHK5Fl7B3T4fi77lIKYaTu-1mGGtQapiq7uR7nTbJmMkC9SPaEkjonS_Jwzkyv5UrkaYm2woJ1o93WgABatmwRH2C4u_gOQW0w8KBNxrf93WGx1Wdt5OpkumvbxTtD7Ypty70vKGCbdWp3zsyz4luSiNLJSnZfNfcPTS9YqYrEiDAbEYsaIFCjk-bAkvFGr2Xlebt_zLWHUI1ojFvmzYSiQ8NegonPNADnvQI4Ze8m3JGkRup6L7HBEmxasnECDTpeuY48MSIcd7dsUBqAa4xepa8M2LCAywtuaIs6af1flJSDCq4Jv23TJx51NWJ5rcNhw2BkdPq_Vcek1fdGZyetZV00YUUwVdqvAqrxobcpo_mj7fz4C0JnjobN60B6SukaNXZ9hvko_JItZGIqf5Nr43fRnHS233Fj1tfpt2VkWyioA5TTY-OcpCYuWiEl4-6UvobOHGeh97GH1oe28Jfxt__2yS2yTT36VJ8nPpjJFm7Z0-sc7WpGCJ4jPw1LoV04XuvRs-xx5b1tR75SdQAX-b-2FvjqxvlnnR8upRjH4hDfWp_vpj3_FNA9C2b2qYxyiH9DZUBg5IqK4zxFZUby09rJF36c6KwxPrxeJ-iKhd1IxYp2VWWvxYfj8XL5RRm97k3yvlZl0j6CMpZYVvm1guk3gtA06j1xIsnz30g1yJ4bN8kvSX1mSy-RvrdEXo1uvpwIDw8z9vKJ8WIDQkVYf2zJQpvEun2y9sDfOPjWRLatDxyoenjRVbgL-s6h30jtghxhFl_OPMYMczm-FIhzAom7ugwJFhSojoSmpLEWqUkwD6VgQrJsKhhnMRzc1EmyB7n_v6F2g6QAJw86wWUN0wvz8sYs4J9MzZjrSRtUTYBnZGBhuqIZ7JkazsbDnnqNh6vY_OHbplGjryqLXE-1jo7SlNCnUi-VNpKm5l2aBZtfU7dpTqaI0NP3NKJvqG9X-xO89db0ia7258EnhRQmSWMdP_mCUwXRE3qYUuWeFQhfQYSsfj-1iZ75bIpiOcOznkzKZdffQTimmFnFNPQsgSjSEtV0bSKSc5GuygDR2KFfvUPwPl1iqJRTW_dnfR7vQxG3k22Z2l7CL1rBafPBE9JvEW7CN-wUeD_dlRIhZ9QuaFNLAJC-z1xLoOME5Jzcjs3HUYru0X9jIX1ednVqHCse0JuISqe1T7kD41OarV8GtDDGCddFTaERukI5_GNvwVT3PHG9_3MzcDNiQLZwNcq7JFeCP-5lVkdUw-sXSyPo47iii7Jxm7IJ8B-pOohYAQ75adCMQvDVsODa2fOafOr4xsp6v8DMc12rwkxFeU7drmQhbW9TtpCCwmtzwMBe1i8wascKZ0f8_dE3zHcRvRtRCz2-P-vhBvZvF2Q9QxIcHxVrNKoDLEdRMmRJYbUIM1nMvP0iZLFfQgcpdMHibK4EaNUW2lL4_POjlP2GsIPFPCzccDejfPoilLNiRw_wTqI2IVcE1vkSd6Ivf8fS5GuirqEGK2tBrvy1xFGbPoALSX6yF_fJgjaCdtPMQyRMC3DwBx0EhZmeMZS6Wpp4-m_EQTpF9V7AWWszrqPad9Yk-Y5v3PElyk_yWWwK5fzgYTMKZmHcJ8u44FKOyWeD5_da1CjdUSNnR7PDM-s0j04y1TpLwz-t7BEORdmhdXsgMCHgJBNkEh7JzxDr0lP0hD89yJ8ysG_MD1hh1lgRj9Ju-hXJh8jyRHeJAWswzfUy9gxV0MvwqYHGylN2mZO5B_RYsEbllvy4c2MuowRhTh5swjMhbUW_Uaflpqzam6grAemm774tgxxtmm5W9Rnp2iC1iyTaX7CEiRkrSPDk2HvFaRpW2oX4mTf4KCkBTiT3ZBuYZ2_MzSWNbw7gzOwuvmXM4ZjR-ht07YKKb-nVMLochYpTvug0HRIARnUAShJ6XTqA_b1iOLnJCPOc8xfWEMIvHXUdD_V5xNLaLBKsfgxv6T4sZ7k-ak4tMVsD8QtcjC4WAIs6ZecYNZMjlPmOUir6UmIL4xbvodod1KY9YUh0pGt8f77k5aXZo5_Lj5nz0SO3AiDfR5WU7putcwqLiAfjrL3IhM7L8Qk&cid=CAASEuRoGLi-Qd4vQOG9fiNdMoTe0g&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:38 GMT
sd
us-u.openx.net/w/1.0/ Frame F9C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPxS9VvqUP9pv7CV_HC1JkI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPxS9VvqUP9pv7CV_HC1JkI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQo5yvhgMYzseQvQEwAQ&v=APEucNWAWLJUR5riBj2OUwJ9DZ0FO7anhxH1bejFQLyeq_j3dENesBaQotGM4SuNFIP9MO_aTCHq-yJCYvVG8mSJjwutGGWvXDee3y4BuGBZzq2MOw70VRr_39w9uHkseKKryt442VFKN19ld6vCmXpKmTYPH9XJQKbWQvdrVDG3b1NVe1YcpvA
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPxS9VvqUP9pv7CV_HC1JkI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame F9C5 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQo5yvhgMYzseQvQEwAQ&v=APEucNWAWLJUR5riBj2OUwJ9DZ0FO7anhxH1bejFQLyeq_j3dENesBaQotGM4SuNFIP9MO_aTCHq-yJCYvVG8mSJjwutGGWvXDee3y4BuGBZzq2MOw70VRr_39w9uHkseKKryt442VFKN19ld6vCmXpKmTYPH9XJQKbWQvdrVDG3b1NVe1YcpvA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame F9C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEA5X2ZqbwNNBfySFjnpriwc&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEA5X2ZqbwNNBfySFjnpriwc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQo5yvhgMYzseQvQEwAQ&v=APEucNWAWLJUR5riBj2OUwJ9DZ0FO7anhxH1bejFQLyeq_j3dENesBaQotGM4SuNFIP9MO_aTCHq-yJCYvVG8mSJjwutGGWvXDee3y4BuGBZzq2MOw70VRr_39w9uHkseKKryt442VFKN19ld6vCmXpKmTYPH9XJQKbWQvdrVDG3b1NVe1YcpvA
Protocol
H2
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 18 Jan 2022 09:57:17 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEA5X2ZqbwNNBfySFjnpriwc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame F9C5 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQo5yvhgMYzseQvQEwAQ&v=APEucNWAWLJUR5riBj2OUwJ9DZ0FO7anhxH1bejFQLyeq_j3dENesBaQotGM4SuNFIP9MO_aTCHq-yJCYvVG8mSJjwutGGWvXDee3y4BuGBZzq2MOw70VRr_39w9uHkseKKryt442VFKN19ld6vCmXpKmTYPH9XJQKbWQvdrVDG3b1NVe1YcpvA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 18 Jan 2022 09:57:17 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
css
fonts.googleapis.com/ Frame BC18 		2 KB
513 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f43f6b7ddbd421caa2f283b114e810e158b5ed13d7fd35884b299303f3b464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 08:52:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 18 Jan 2022 09:57:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jan 2022 09:57:17 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 97D6 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPUjgIQw9WUAhik_IufATAB&v=APEucNVvvBNaWYkkhAqT7IdKeKPXKH3GMcCwBgtV_fYkpfd97Dgayz17FOqq6a9DsH2XbyHIFuPbfRjcTalw_Yy0sS2DswvlNh61lSIqUHUtwRw5dlhUADhx-5MNbQ13M8iFuXerW_odaSC6fJPi7x_5U9zF2CASo2fY3_Z7ZoHy6bUrbOt43LppnmfruQoYs3kMKoHCmaFytCAN3-1t8W4Tbs2UVUlLnQ
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 Jan 2022 09:57:17 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 5F35 		25 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Am4lVa7EXCjIhjv4v_MzjKQveQyzX_-Rhrz4VSjzQ084fcJKY1D8RYgLXJufDUB7rF0wk0EY3CogisQuDfjVGOJtnVLnAEIJrpv63R037_B_2lNEDrypSettXoJryx7Cq6FXv-JLQD_pN-zfv5lJwjq3K3wQ&cry=1&dbm_d=AKAmf-A96ypXuddUBHumdV9L_EVGzQ_XYUiUQyUtpvdP9PtmTEmewr9Z9kWeE5VhscuOi-nEifk98kntbGFktnxxpvoKJyidZkIFA9qAQsNXJL1Ov-CiVC2PtF4fj7TkVa0jqov1Tu8KA_o1UGV1NuZ74DnpCCr19hHbXWn_Pe75x7y4QlprGsDvxYhEW_baWcOMEmltj5lEy0ytS97w-0x3bqeH4ZzQVq0G01ndK00poP6_tVHz0l8P1O9lfb_oMaqYGkC8G4dJbI7UobkH51fWwmbQiTuzFdC_SIFm9hTu0FCP7BrvoOLYzJOdDzq_uo9ltgz5qEyiEZEnjdY1xFFgZVxRRZObr4ESFiJnJrsX1nvLVJb_znbq8T7HA8lUfcbNdTotFrvtYAhgoCXd9-qW_LeCm-FVSjsbdh3d_TAx2Mt6HUcVGysnZWmNIM8mFO2h8fR59bpkHp9h20-F6t4B4LYT3FA7xyvy2mCZ7RWh-cIns-NT3kh53oNKPOKoUfHEBTQ-yLt0P5YNqunnEJtcFLFfRQ6hFbq8ZnoYtJ-kkCqTWdkamNkVxYNkPGLrtETPHu51dvkutzny51jd2qriCLknI0p8b6OapeKI86VryRtkYo9kzxs-NyuTivVX_A3BhWnHRa8hAVarXLRWjn2UbKCCv6z__1V9lbcs9UXg8jfIRkF179kArIPs7gZA2N-Z0yoS_L5dS4Ql_4mBM3EfDcGp4PaRBvMtrnly_H3sr6BQi3EbGJo1EKpDJolVL-n2ylYTFCoa290oUr-xjgKIusMTnpUAxbzImasHMQhob-y9AdS-zBV7LsVItXYmDMAzcy6vgovEvMKz9mXXdxyIhLILVrPpW_SYOj_t5Xr1FLZOTtDzZHf0nLdf8T_QILJd4ejA1MZG4crAdue8wkOohwMARnmaxQabkSEFkiiwxj3F6NiOdQVPTVbXsJcRmVaPebGyemIOUASMQdVoZU43OB_FHFogR5Mvh0vkfCHZ_cd2MGP4Tz9_Rj9rJmGESOedCt3h2FE8IarBteyTUjb16Uj77dA2y-M71Nj7HvvmvHO3OZyFvy0dGrAS22_JtOUL1qr_ZgDHQMkm9HV6XmDN5CEYy2H7Ovg9dMs7Tstk2p83mDxp_Iw3-NuBu80Rb8LA1MWlR9ZNOh7LqDPUAS6WnODt5C85VtnrLRjef01eSAY2Lax3nb0wYa5ouK2VkdaBLj8UtebXo0Q8cQ3znDShKtzdPqUS1GKuTUQK59sh4pm9jv7vf8a5YGSqhYZjMMC2h2_hemzYEakZ2SLeCr6XCKukEbYyIA47lZAyLN1M2Pfxwv86HUja1AxWc_0hQBy71nYfbfKzXODhoUMDPJfZzVbrlBaqn9f96bMHwgONIbVvQ9iQyZ9lj6s5UXu2Z1GPIurni9DjpLRm_X9wJyz2pwXMx0u8zzF0dkVVthCWTurxvtjEn0MuP1vZpeFz4it8jBoaAaCOia3cQJ28-iiPP8jI6T8Zak3gpVUU94cRxJy_hdRt6bs-LBoJzSunYYH3HdgY-vTb6aFe5YsdTrhw1QyXiZzM4N6YHw5x8RuvIeUvxedXAO0jfo5J-PJHq6r9wxcXbCCU4DFs80tKRwAOLQhip-3c_OyTDc_PVQiZqSJUFJDoMSEs4U3nwXTByfvKMihod_C_FZHDk8_h16777kPVouXTWm6N_HQ8y8m5_4xJgn9Xo0COfbWPv7QAIhWHMYrwrmZsWLG9Fa-jItiMa3eDiM0emzicTt7L1jCdBceeRliB-2aAS74Z15Mtyd3wU2DDgsQRqW2nfLGAJ_x59DCeviEtPRJaxL0eWUCDp_EqJxTK3XJybKiMkquoBp2s93_dD8rjAHl5Y65xewGN2s67Kr8gbmyNdUIUUGCLvQ2VqWuuYpqocz-AbFU0x1SWgVZfrNhpPuPOVez27lAbFR54VFdjztLNcaj1FDX4yD0GhCDx8-QH_WKivJwTJanuA8OhAH4z_cdW3P16zvuCgy_afQpTo79eNUglg8UL9IP7neLUYvPWk5qlaYowLKKCKBKo0QJKM4RaKxUfYU8bIlkwbQDMxYksUYrHI_FqPGf0rcfJm2x5AEyb7i_yrBdF_hIx5UB0v-BkXH_TzZRCXJneBB7XEADZxegqvRE57XnEkMsiFNima-EmI-elLcAAfI-XpuoJlJHV_Y8LcCvSBdP_D1X4ck0RDGo4II_RbCVhGaUjaYmH3uxeMKHW8aSc7zjdylBQU2FcGNLtXVWiQSHfNhBfzX_RcMyRqvIlrmPVJRsmDFGNCms4943cSuZgXdoYfHNePoAvEviM2KR2fjM7z0FY5w4hvYtPQNJJTEvNiXWMKOFmkNN57AJR9X1qFci0NizjFkC6_mXVvKUt21NhLfqC_t56x1Tb4U92AUc1UdMzHm7OpFEkRz6lRNJ9y4C2RoTUbvT8Ryu70sLNGFYWOaK3Xan6nWsLj5Ktpdu3os3JvBqq_Y2vqfKFAIhA7egL4UWr6a029LboC4ij_40FCVDhPS2ub2EeH1mb0eQrDjfsdNx1RAsVfTyheGyHqOOhC4-5K9mC3brHCS6WTOpnDyQluk5y6KZBU0GrCER5RJshrRytEBxvrqmj8hWkwm7G3iH4y9RnM1SSi2cfoPHiGg3Z95zjXrk_ig4Qw5vCUI3hj4qVZNucrpPHuI7A8T23BJ22dOHcTQgAOh1nhxNealjerigoxYL3neXbLwmIwK7ysNSYAcFkYo-gnSMUq8JNgICzDFTr17Bxvmjp4bbuej6Yf452WsFep0YhyApG3X8CRVGjgcDh5_Bjqw7qcCGqfAPemZsj1WZYI2ywdJ6oXAO50fOrdsBCfqvVWmowP4R4BYxGYTIao9tiurjuPmylNrrqJkQLd3Od4yEb15z4IL0FFhkj_QDNuVUPWo4FbP0kV3HrSvKKK40pRCX9v6vmz5Iyy1Y6L5lCLQVcg2Eow_47we-kZbtp0YiyO114u8A6xy1CbijYgj-AJdCzugmFgSd-5baL_bIRF9Xvt9Q9_13C5cqhZj0MbCAGpRg4zPWYZiNVjWaQZAi7hGWIu82rG-42Am_oJ3ygL7_CXw6oh9ubF0h9oLTmUDvtIXgxza1G3WeF5USuaDNj4wiAL_o63ybVwbYBVurFYwuyyT-gXeASMX50EXvIDSgu4l8EeC8-TcxuGiA4J68JrRHbzc7N7ITgmHXbtxAzIJwY-5JCtc7jdq7M9gnfdSW-1-RzlR8Q-TPsuNFsjnsY97X3FmY5AydavssqJ6omlyKe7FW1TNuewOkJ-R08pOq7AMV7j_5Mw4k_uk_MJb0c9U-xhmt5zGu2NdOn3uTphEtTiX6p27UyLA&cid=CAASEuRoK5y8vqmBhiyh8dLAoQo3oQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd65d0f03c5b9464fbed4c23d6e90c442fae0114276ad4b2e858eb97dc800868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14510
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame 5F35 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=44454688;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CKMev_I7mYejfM7aS7_UP0pC00AGmuaK3Z7aZv_CpDfAuEAEglZvKIWD9gpGE6BGgAZnb4eACyAEJqQJVRqiZDyGzPqgDAaoEnQJP0ImlpyQOVXq8LHOmsnql3y-KCBFj3VGI_cGbPD7-9CLRMtzwKKeHjOs8mGSSJTiiTFNqm7HJXUU43Z3uhb7y3f944Nv38Q-AYeeztQ9jhjwvf6tTvddpwdvCC9xl-CcqYCS-L5fsfXFfuq5sdCvx76GS3dPd50rK3xUwWfbeANtcaQ_ftkZ9TZV-_s_YujG2LcbHQx9lkXcp5Fi9Xdq6q_omImJivMKybiT2KwCJUaqRVqxObr90o7YF3VRWtTrP0HDdZOwBA6SBT4DTRRpRtYIDQDhr90HE8fyz1MKcB_BNT58BsDE0kUBUGYCUnngdNgREuX4nuzpOUzG4oew6UiVDlGWFfyD__BqpE4GWrQpAFX2OSMEzrFwzkA7ABKeMgcHEA-AEA5AGAaAGTYAHz6SenwGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU2MjAwNzA5OTAwNTcyODCACgOYCwHICwGADAGwE7ve-g3QEwDYEwPYFAHQFQGAFwE&ae=1&num=1&cid=CAASEuRoK5y8vqmBhiyh8dLAoQo3oQ&sig=AOD64_1ULGzkaA4dVj6IXinBfTIT7IIVbQ&client=ca-pub-3831894559014614&dbm_c=AKAmf-CHq3cBUU490OCNjvEnutiXubLG3ysIHp99HQMIsl1JRo-DrDsj_QcoPKFR-qNbH3OTUaJ66wZZn6L-KCxOcRxJJynOkCFthtoLvI7bvmPEyPWhMikgzMCh3_Sfne2gBEKH5POcUKz3oFAWKdzXGyoI9VRKAw&cry=1&dbm_d=AKAmf-CkIeplFgm1pkGouS8hEoLbx5nyvKl3q61i3t9pDkLYJO8YkUarhpdurFK0InREN541xMyzD2qrg8MsyWxOAvmKyr15Dh2kMTppmtVCQ_m8kA-Am2reUnlgmcW0ohTRDlWaaMU5u5Krq8jGf4cF3AutlLZTieefh2dOBz021VUtdaNQhb3Q3FkA0C3Lql_mK2i6WQBe0DNdUYzm1fhzY0RfXHCRwq-Tw5KJL34hGW6xxFO6TWxtkLE50jdSO4J7gRJoWwopBmwlpHXl2_Z7MrgLvsykpZeRpgTVpXksLD-Ir6WXOYUGUPFs2YWBVrX2ddjD6bmbZChhznGU2ezltj8VMyTSg90lk41RDRV9IaMqtb5gWCObkfxWDPLC3wcajycAKzocC0Wj_Ti4IcSuA-_7sadgDo3x6NS2Xb7twI8nDpo4SvzZU1oOONHIzvCX9qNKbWue1jNGzgjKdGPmtUc6ER9Fpg&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
f21e2eda0b3bd79ca2a89a0c5e7ff2332e1eeb73f11f5ae4381660e1f6e40ccb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2174
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 5F35 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5F35 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 5F35 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
l
www.google.com/ads/measurement/ Frame 5F35 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTW3r6vpmku2GZsW85hMuVzenUzHy6_HHSWA9YzbSF-LyY9AtJzGfC7f-qyAJcAblNfcRZR7mtb_X-4SQvn_y4ZzfRqMQ
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F35 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8EMNi_YvVc3kCvRJPGzJbi8DK67mjGLmsUQs8nWVQevmEoKxtVQa11Pe27t_WAcyENQsQuW216cY8cS875Zgwe4mJf93cQDPINwXx0Nbwvc_ZK70
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14584108477233219256
tpc.googlesyndication.com/simgad/ Frame 2975 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14584108477233219256
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8514676e0ebf7301f842b4c5b74e88f266ae1926b9acca83b188e9720253fefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 07:18:22 GMT
x-content-type-options
nosniff
age
9535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38375
x-xss-protection
0
last-modified
Mon, 12 Aug 2019 08:53:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 18 Jan 2023 07:18:22 GMT
1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d13c6ca0430f3af5
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d13c6ca0430f3af5
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
HTTP/1.1
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:18 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d13c6ca0430f3af5
Date
Tue, 18 Jan 2022 09:57:17 GMT
Server
VertaMedia 1.0
Etag
d13c6ca0430f3af5
Content-Length
0
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
108
x-xss-protection
1; mode=block
expires
-1
pixel
googleads.g.doubleclick.net/xbbe/ Frame A806 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCE4EIYzrGLCzAB&v=APEucNWVm7VKWfC0tRL70MMgrzPIN7lYZaDsXps48W4C-byV6y8YOfAuR040t_uxQ5bIKyNRSRixLFdNxnV7grDAdBexRi1StgwQKy6-tiuzOoZfzocBVlAy7_iu0xskdosXM2WLOADSWvu67MT-9aybSWvswactMISzFC7thM3uI0n2-ySNr-mwMaQFGMeRmpL5VUh9X3KKPfu5aVNAperkAwnjrgfC1A
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 Jan 2022 09:57:17 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 8458 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVKOg-uP_mN0AQ76M__TkLbcY-zr0nO01-i7-qz5iiXkVqJhEwwHY9DdIPb1p35BsYTRqBmLHjE7qxqQEjuvZ3rGIV9HlvBv8ArblkhUqKEWUEbf9qyVbVkZ_ZJ3X-IVblxOk2Gs6SCfS50L6EkXj9BKcluA&dbm_d=AKAmf-Ag7q3YD7Kv0JXVyJzDdCV7rIJZRCkFWQEzfbyZZXNcmK5KogrwAw6z3g3_h0-JVVDenFOZPAnm_6b-F3MgO8Dy4Eva8TFkEkdvHr9h7OmwGYR2fd1tOF2MZWeF-z8mWLoIbQMs51uLewvTpxC3IEFMxrsfDV7WnA8E130Gyl7txP1S9shm-LMvRksZ6kc87HPbYl3WJd4aqMoiPW6ZPp1iQpxlbFZ2EaAry3mcDHehF9WLdZiguXOzd5hAVbX6fBXBoqw8i-z3GLD-iq57iR0IKa8jqaGtRTDwu0DCdDw47NfdWE1L6NWczAnpD27t_qyF4UGoTFs92Jquj73OoOseR5jwZcyHlrWsq0lQm_K_Q87A1HBK62vlNZzM9ZxSpSYUj37bCNDWSyVMeKauhTdojJIfcTeXk17q2Me-I0XjuOEl-hARIF6BKvrn25yJfezuSh75thQ0iIpEXq7rAwQRfVNsKt_RIIUmDRV1d1YmEZGmKJ8VehEtQQ4ibH2cuZ0QRzOJNp2YVB2IhTj5iHnIBGHYVJCKnEyy22OPqYj-T51dz2Acptwo4Nff9k-sede7uX8qrb1Imwat7nS42G3UWhJxicFqW-zFZ7Qbgb16TyE899BJOsoF8EnaeDLEratg9xEzebljAupesbVeU0YbVL44C9VKlM_Rz3WIGVHffcVfCC89MtHoQgDieAliFdQsD_Q7ZN0f-tzQbGSIC8f-HvtJ8erIr7DLVY6nnhPGP0lZmOcKEufrq7I9edNVh7bS7XuXxyTlbLAkg8uPy-qRZLN6yiB8SoqPLBgBPWgJDnDJ3dDK15xRFc-V97NA-b8OEDZn7pvnAYU95UNbt7jYcIY5FFxpdA6-BNA2gnxp6nW6SjSjYDCbFOCI7lLayKV02PET20cAZaYHlk-leSI-E7gldk9KfiSoDtiL50Xb6Dwzx-ZdEsxLLsWSDco2gqubWmybwQx2dHGI8SNpLsfUArZOnB2XT5PkztZGq-7ftsx6sFKrozJCZCc7oXQJQVYlKvgX4rUqF5NCbM8fem0tpO356LVfM5w3kPePO62v02KmDhFdWbQWHNRqVsW0UFOyVaraku6VmU0Bo4Z1CDcEtItF3rX58t1k1znmKbnbHApnIBK9ZejwLuEOwn7AI_b5941m1vOTSDzYz9SBLnxJM8PsNyYMA5JHKNO2KYaE6jylaSW_MYiiGW6TGzdYvnpKPqIQRH6Y3n8sKjwqosYFJOXfzXA_tp-Oi6_Yu3sTrzAN82WJWMayE5NpKSrNUiAL6XFvQ4QJ1kXIi9sOIRp6qP9AUCg2oSPSopM_ogJjcfzt5M9lEPUV3tNys0oapj2IJaNNDPxzwCoJzeeVyqNq0IIgPqJM-sur5L1hstPM1IsdSko4soxT1d_8jmUAR4-1rMnx9vI_ssUm_q78vVI7jUjMy3dtX6uQsjV4S-5kBqJsDzD5TaPLo0d6tH3xgw0iPfeHVLcnj3l7pVsYcBlCx9mwaUUXZHUbjBzpyQWARprd9GEeeTut_pmpfL4VTyxxAQ5YBe-QT8xsCXmJsrJCLfAXBORQWotOFgSJjDBuZeuZYK8L1DmAwhbOZQOu8liRNq3n2uKPaCqh-hxqH5qzqCDkgVZ87sV7QqTyNCnFrP_dHC4LSIZv5HgKXt-dEVqf1IrX_nLRLoEIRvFFd8N_06s1SQxINZtt4xhKz50gtNXA-0GDtcuUlDicNzeK_2fcIxbEA8NFMBdMgwxMTgLTFwvmW1vUZuZYpr8L1GB4NI4flw722nwVZks8Rey0JTtq21GVi8FgiJ2cCLvYmZrh2Ey50zFiOAVa5M7EeK159ypdrYT1j2FJIRUdRDVeCIkNmzRv8nDeOcg9IfGLYa9tEVW75zV3vAR-j-r5mlutJE0R22OuT-wQwNP1kGFct357YUbEmm9czt4hjS2BmhjOVJM-6hlMtUMbSTaDM6b-IWg11ON3AIiFiYOpUYqfm_3mFSegqXQlnHyp_D2YNqnu704SvN9ATx3CoyXq03Re0Q76X9T7in07zO9gwBKGi2IcG8d-aaD2cDsEOOCc0USeOp8s8lhyKOJeZ3D0_SG29Hx7qEg9vYK9w1GSXrV_xnenJ6nipGhX2nua2utrdIkA9JvdzurSc0VDxzllCt66-Ehey5OQ9NO36kFL7VXApRDZcWlWWXos7w7u85twlljCOfjeoyhL_CCF1AXmGVCUHYCA5fBCGq8B5flYVVcQk3hqS46_UmbTuBwK-krlSZxMUFrrr8NFNleHkygQ8QSNocd1ka8Q6K_GGEpMeDil5danVXCZDXv0811FaRcGpqIUCMlI2ELXYJaSi308vkKg0pgmhPGGMfyCTTjPIDg77ZitByoLA4iPsrhjjMcpkvTCKulWF0gpbC164rJX65wnBDRVBjjIin24X05POPS1z46Lg0yAxVt0MLXWr5Cxo3Xm84YhMZSzdsZldEwx36iNHsSXc1C5vqmBi1RoDdurqqIZI_Y2qETzV-hLiKbv2PtMcqoapbkkgn6NYlDefb4zHJ8SbVnezKgLYx4w4Qqu7_L-El6i3vvxnqR0hGH_Pvf-MKlY1xfUWHm1a1wuouwbfaqqJrFWPG1VU126wE0ldi0gqW3ZdnRdmkYybuSSzGAiNxqltrf_S6WZb-Z5Qr7zoSeQkdB0OhjpYWM0QPkgxXiYHT5c_0wUPihTCjtlse79E9x9TcoORDRYYGyL3LQ90__-36u9M6n3wVs5l3nYm_Sq4E_e4R8ogfhmVtRjoyGknlXs-TzaMeiBa-f90f5n1k1z21fFgHSyIHOWrqTHzcLgmvFHKsGgHdWZ9lVxu7mNll1NLmyjQr4qf54yj24oV6t9XrvIF5UItyD6JUVsn8jL2UvVH1g-XO_pVWmWiBdX79eEDjsKwciXd8SIwhix6t-jqrVzyiCPzfEcLbfZKX3zxiFNPBuvAOAZsukp8Xx9fQexjktpISVoE_O1KJ13iebtzwzn1LTWign4V7M-4eLdNlO5VylQidK7c-9vF3iHJDNZSuO46eyp1d-xkWFVhXNjpAj7WrTXWmFS5dCmjjiAAlrs_BrnxdNXfLP6ARAhFny5r-Z5st28ZltJWJ0pkhX2Ok1MoIvWgmW9l6ul_4CyWQDxeLHwyCYofRaC3NBPJ7aSfLw4lH-jmLTMvkexOljG5P3tC8rK3IHTZw0HaiizGbqNokVwFOkazpnfq43KAhveke1N-wJ7U4r9ihJ5l0koOFlZtf-qkjRBh_nF8gzHbUVX91e9D-HrZoTu8-eAu06Bdfx9uUhDFCZOD5J1chCMbflUwxYwsnnSWqofAzUmupgg&cid=CAASEuRok8HxHJbsjTN3xH9sYp1rAg&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1d78f1041f477db1e9bbaca5838b5fc44189f5bbd1b4ffd94a941a28a1cbad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8458 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bi8I08n3nXNBO6WlEL-j6mkQu80Fkf49CLS_Yc7LWS6QsS-6AnTaiBtddmFSuvWFiuPZCbZUykQWEgwcEl5XtBsnzuppLr1LBPQ9mQsSF81jITIPs
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 8458 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8458 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 8458 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2975 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CCnR9_I7mYZThHYaE3wPY2JHoDKT2zc1kgu66nLgKjNmWmYYYEAEg4OLZVmD9gpGE6BGgAfnczPADyAEJqQKLb_GUYo2EPqgDAcgDywSqBPoBT9DfCskI0hxeLE-zgmNnvlS2bqqGgVO_dbdntZGIfw-n9LYg_sUAHJUbeAZH7Xew9IIrW8la1EvnAiDJamO2_9_61CyC5spEzwzuSdoWGdAhiKGcWTobuo1ANQuuaKgf4LB8fNtCAh3Rfz8yp-BG68o429OX4mQ4ppCZ0UkhRv40rvlIYufUNYMRlmrd5AL9CU1G-PWqWYkiMSBzGAFV0Q6nY8g3Hx9GpE1mLWtvmFV5HFHebsMbj-eOMiEh-nOHpyHREnGGegtXhDtklYm5dCQnruDktjnhE12nWHWyZfRLkmdlvVx5hSEE9lN8cETFM4a27AR834rHHcAE8Oax-KkCkgUECAQYAZIFBAgFGASgBi6AB5T3_DKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQjOAF0ggJCIDhgBAQARgfgAoByAsB2BMMiBQD0BUBgBcBshccChoIABIUcHViLTgzNjc3NDk5NTY5MTcwMDYYAA&sigh=toYbMU8arfI&uach_m=[UACH]&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 18 Jan 2022 09:57:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1A62 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvochCQpY4CGM3Po74BMAE&v=APEucNU8ty2_bxHIt5Mt3tYisM1JTXZUWSYNWCn7z4cYvWfZc2YniiAhsa7dzdqZ_7_qJC12NRAw4FmbsINZhvENSUOKHgpzTWvs-sKFWdbUnObtSLEn610HfWHs0FwppA1Cp7I6srJm0QU5fjEPt-5weAt3HLLONLfcqLnSxDVceuqUnr26o4URDAmFxjxiGfm7TA8LUETjs_6vZ11eZXvCKNj0Ud_G_g
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 Jan 2022 09:57:17 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 4E33 		82 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BlWDOSwMfEz_0jCo9DjwklujCiwOK8p1TzWWAyh307dyMJ_-2CMexpa06AJZ6pJ_afqRWWJdjxg9lIk_CSFgYyNneBgCsNPPDtx_g_mS_QC0mn6x_ejGdEnNJpHw3MnvrRGpu3jAMxnLWTjco1GzeSngbU4g&dbm_d=AKAmf-Bjq9Was6QaNt60EWxFZUT9xc2lKQ6J8lyEMnwQG4axrBZAEpxmU9ahE7S59tGI062K9UZLREO2mgJx-ANPuNQUUkmbEDZE9QvBOmooMB7V4_AM0re-JEeIBwxFLUZBB4lEV8HUM9s-uQCHqv4am4IyB3uPo2eRjRXhSDazLASwgTV6qUaPnTFnj5dL11Rw8H32VaIguCXsU2yash6MrrsWPHzfKAqfu9uGfnvX_bULvGbYmN26yXJhPfaGBxr8MyHPKj44TANQDBTQdX_-vd0WWuj97Qic2sd5FB2hZNf_ZLsfI0_nBJ4N57IJzhSIM7U0gEPWO-xN3g-oYYnP8A_yL92Kx-WvMEPqXSA5FIFf4OZkr5tzAm91lIr0OL_kcHGZsQ22i2UXofU5Xoz96vfjGSXHBJYgMOFPeg02RCCB7hyty4DcdPH2bjxx6kJJad3tXIo2FVv_dSHQM0GlyqWFoKULwEf5vVazsyu4St0gnTSKfPgZK-a85JlUeWEHR2OyeHkagqY2thajqlFhYeZzZZxJDlhMLZQQZeO_PBCx_TL4Qlxgbh-kK-3oqPbpxQgkKDaNOmNJztmUZ1cfa_F9j_gpMBY4BOnzMp4H1IzOcOTnxgT63gco5aNw03n6sYtRmigBsARC5FS51fAsA9UBcPXSjaT0W2jV4-eofeb7q72PPMyzMHGQDk4oDUGn6k0FwhnQfg-C_latrZ590btWcjMoLMiRfkFQLjwU9HaC7sQL8z1P-7LB8OlCHQuK-d1CsL3py3mDTZwrbyMHZUKyeS8IqTujc9eWb24dYAExJR9lqjB3jrcbP0yw9DSex040N575So_eYf3dmW-t1IW1rKpnj-bSz2itaEwYH9-61GmDsOy8-Uhv6UsqZl49v7Yxb3FVi4ZKtwoPXDfVYdHyClfsd3Lwezq2BxOIvJNI7Uwze3X6ndQR8rQe2psLdgEnJcbgXmRZq50I1bk_tzROgdxamgz0FOgxOl42IAANoePop6NzNgkUV506Ed8M4PEVSJQOJ-eJ7WzhFn_qxPjhjdWgf-xAFTYHdl1Gy_CUDrTyQnj41EqXODsWqWAUBw6kUF1Yr5Zuo1RJNExDEghqR43St3-xIWnXzXnOsugrEcKgHgvP7t-9FqA9VBoIwCra8WmsMoAdM6GCdaFVOIGY0KAH6RVyqLZFwgZcOUDwP8beAQYkyxgJs_pwVF5d1A5JWXKpLyBjGBaaG72h3PbPkh3nUsTp5v5s461350iGFaswBGnX6ni5Bp_dYLUHVDt9CDRu6GVa5blzu7bMbSRHQtDCsAfzPfk2o0_Jlv8e-HuOessnOP0D6-X9STJBV-KXaRMCyrj7qeE3xV14x242CNpbxiOyuH1YCH2Ur5aS44SEumaPrfrx_h4AtzqQDxMnIE1D9zCoCkpoCGcAq3D-HFDdhpuSIDVyn-MR7pRT82UnNpsyA7auKg1HIk0Zq3dW9-RF--Xxa_g9OzJEqVIOrL4Roh4zCt0pfPajaWMHGeRDWa4QY82fck0MV5-e4YJvZR6tpag82fmSO0w5_i9vgi2xFVlhMvfinIhdyyBG3YqDTMDO9gOEpE5iCNouecggqP4Q6lkN0jokNtLfkcV0y96GsMmTMOyHCCf_TQH8BAW8JehSC8w3d-4yr0rOhBj4lkvQy8eH7-ZluWZ79xJZ9NmzUfp1eM0LM2YtcGuepKIEJ1Pr8LxVBUeC2vv5lrlYUMl9Z0JTKnjdFE0cyorP1sSn6jXWMNNv1j-TA8roUXjtLPkCfD85jOZeg6xBJyZZMVjlaryg3LFPr_3yBisZfm4gnPvjk0uSiEvIegTpXJfr4N_Vz3_8-0Ybq_XZ8ZvwpS1jcCM9raAWaM7n3pbkNseH-1W903n8KwnXYsqsmnnuYXQHAdtlyRjQFCjVw7o1H__rD0eYHrP-nFsIXIbxXfGz9Loqc22r1VlSyuq2cN_5Fp-7CIzPTVF9U9IlWlcvZ4jk82RcYiJb7PTnIK-pD8sRD0PPNJBFQHppIU_wo383z1HsKkP3p5G-WvRdjQokiFB5WtVc-EPe58x9oJuFPVuc8WqT7BZdHYQkcNlfabLnwnPatRV_YjmQMQ6zdFqNK3_OoWFJ2YEoxqNUZ9h5RlhpoaO9ZlJAH1kazcSpzaa6IGENVvAIByypMEdfoqt4QpcAqDbwwcDxiNT9PIv1PvMKtggNi0wxksAmlWA-Z6qrVs_k2yA4a8x_kp36etGvaC0sgVO0xvGC7W-ikbVbm8XSn2HkbvzcThPgcsU7X0ErQx0QZGzDyeSp2xRg8cjbXCJ6BEXf8Y-305C8eY73mt48P2DzgSOHc-16Kk-7E46EipKYgLJcSEelUEWT3uF7NIuuo7RmkBp4XoW-Y4Ecv3LIXUc93Idu52JqhZeW-h87QSb8Jyixtg-xHQDbhXSVrmmEqm3UpKaeVrsrD2OpbptHtp1dRlAk-rE92Fz1pqTmNjD20JVFptr_RVAcwrp_yMf3ghPl-QLeucHWkNeHLOx3ADkn5YrKKk_QAgUZFT3LNxIkWaRL6QcT37oU8S-PjPMnyzSm3MaugMqZRM0-Lo63a8_aYFgyAyKcOnZPjaudmrb4Kdoqp1ZZOOWqeZZVbWdwG9RbanLSOCk3R604o8INroFAasuNKKmGvjelFuLjIQ1Ngb8oHfrebZZcNlx-QdNwuf9mEZkIN7gLcy961BW3dPRXKuJgxA6XeFXJaX33umon8aWRiNInk1uwLO3VUh-YD2EOfNMkGYsnCrd4Bi_ClJ3bc18iT9mDObsxW7K9rT2wMtfp6ZeNLw8UT-bjT4aX8aTdY2o4a9pHhOUZ4ZH7RTEPD3gB7UoG4o8i3LFBap0KAu0Pvm8E4q28DFcqJWB5v4gMl3wt_YdORKFlJCTdGCwU2UrO7yX1C7t1f0HkMftTAyWC6njHIgurg6mhwQzI2ACzfY7rhV7QjpuHavnTs1Y-kX_N9BxgpRyUrYkzwDDyeLso4TvSSoQ1wf2ZfTvqsOBDpzjcvMqF1R0HytcB0sotXUOAc7g7PSVn4drkfSSY77cp6qngg9nrRIU9FSzM4rvlnKmQbtTLhh4_kEXnWzFiMSHwwklmnM3lo-eVr9HUgKYqdcwRs50r1pR2yfjZxSv4Zn1tCwovf-cdRVMUyqaEhG2C_xwqA9k-f0J8-UXFZOrq9KPwCIniewyfVrgdaN2pu49lkW6Qw5eoj3yxgZFf8QaO8bQBLRr2CbZj0M4UAJImhOYWQkBAw_11TGFYQkP-djPpgSFcIIe58De9xVCtPdnMKsgzWDvov_QTL6Mm4RuuFgnmJoIsQyg6JxSDOOUoXkNWg8EWqMQ4TN2PUu_hB9RC7BurONykYiCM_AFiMnN0zqwJCacrNLd2h1fLI7xb30Gc2nlenJ2Mb_mNZ9YxO2Ezfm6p0aTCoLUuvigOpjjvmkaiDIUMxlmEb3LNbESmFvJvjY4NpWt3_B_vIsviRoWrSKP0Mi3OEWkH-4TJ4OXxzZtBUYGickC2BvoL_PEYWOtX1u5f1Hl2mbEM6UcLtqS8x4pvT_6w_KA5C5dkT1mVBPiA92nR5XeuFOoNErYAPErIV34X8ULEiVuSxTeKogaYSVMnQjE27-Kqh70axevtgsXIBzTD1F6ECKFoSr8Y00TyUOV6GAZFXDfEfdBLrZk3FXon6O1EFCqaCg_peOg-6qhKang37E7neypZqf0SBa3hOXLGI68Xsb0ErYVWxSkwOl3PZ0guorpd8yQ&cid=CAASEuRofA9oR6PyfG0gLAEWClJN8w&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb1ce97f608c307c9abf3fc4c75247e36b5edd34f7434ee0dad04d62285a47ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33711
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E33 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CpDhJ_PFUM1YiLyUkye7BQiVVW_CcbZQxQeEQXwT388cLO_ETzCYqfJCP_BncVu7MmRK0WqzBeFnhSuic_PS0_QvNs_vs6Vznc8dtPXcdqUYoR0Do
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 4E33 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E33 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 4E33 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
l
www.google.com/ads/measurement/ Frame 4E33 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHqVN-b3dPFHQmoapfb43vmVwgRd6-9OvQqffVTgS1oSzPPN_ntbvT23GuzJh42wHTXkAqy-3UB6Rc1uYw-Y4Kx2vMhg
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame BC18 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame BC18 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame BC18 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC18 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame BC18 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
l
www.google.com/ads/measurement/ Frame BC18 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWl5CMSm9OAmv23WsKPVomYuHA-Hz6ejW5hSWirgruKOcOHXdSOWsZAAPnr99v73-hRhnnUtADl2Ia4TBDlSyPp2pIiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
b08052bb948632636d2eb594b39baf17.js
www.gstatic.com/mysidia/ Frame BC18 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11476
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 08:34:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 15:07:41 GMT
container.html
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B159 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 09:57:16 GMT
expires
Wed, 18 Jan 2023 09:57:16 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
downsize_200k_v1
tpc.googlesyndication.com/simgad/1227948598440155448/ Frame BC18 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1227948598440155448/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3af52eb9f2f15dab677b998d3330f6748bf8ffa76fba5cd85e43934a353d5f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 07:02:22 GMT
x-content-type-options
nosniff
age
269695
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38579
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 09:53:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Jan 2023 07:02:22 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 3355 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 3355 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 3355 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3355 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 3355 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame 3355 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 19:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 18:31:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 19:23:34 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BC18 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CKe8g_I7mYfbEI9eKiQb995bwAbbburtn-bDZ5KMPloLNhYgWEAEg4OLZVmD9gpGE6BGgAaGV8u0CyAEJqQJVRqiZDyGzPqgDAcgDywSqBP4BT9C0EAD4lwIOBZmv0i8RfpMHm3OUYeh4BEFlAjcmVDoxeILpTa9gWI5bALpbsAyWnYD4ltpoWy-xRsDGUHIL2B0gTr5VazwOB50C5oSOW3FWIHYRimLiZ0eAmADhI2mgmE3Bn8dv8onbi_9LRVS3yjn4F5vf627HY2EiEmPysHb-GPlgy2Rx_VNhzwRVcfogAVzH0d5KDYWcULZOO2jfjprP9cdbt3ogdn4ldh-aLLVHT5nik-kR4KvP7j_U1G-gwitA-c0GWlysdEyhSFjqFlUPtJWEBhOmITGI58vEFHMxRueg7GIFkKbvimJ-p9KIGPSS37mrjMWBC3amEnPABKL99eDvA5IFBAgEGAGSBQQIBRgEoAYugAfH6o2SAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJ6YBNIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItODM2Nzc0OTk1NjkxNzAwNhgA&sigh=S0LWzfH2FQ8&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 18 Jan 2022 09:57:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 26E8 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Tue, 18 Jan 2022 09:04:56 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
3141
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame E9D1 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Tue, 18 Jan 2022 09:04:56 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
3141
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BC18 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BC18 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D251 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2afe976ced6a000e8cd514366f3bafa2cf06f39e3015fc4917e113b248e60571

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A077 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 14:31:40 GMT
expires
Tue, 17 Jan 2023 14:31:40 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
69937
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 2975 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJTPsNqEu_UCFQbCdwodWGwEzQ&gqi=_I7mYfqWHcWClQey4aXwBg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 5F35 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Am4lVa7EXCjIhjv4v_MzjKQveQyzX_-Rhrz4VSjzQ084fcJKY1D8RYgLXJufDUB7rF0wk0EY3CogisQuDfjVGOJtnVLnAEIJrpv63R037_B_2lNEDrypSettXoJryx7Cq6FXv-JLQD_pN-zfv5lJwjq3K3wQ&cry=1&dbm_d=AKAmf-A96ypXuddUBHumdV9L_EVGzQ_XYUiUQyUtpvdP9PtmTEmewr9Z9kWeE5VhscuOi-nEifk98kntbGFktnxxpvoKJyidZkIFA9qAQsNXJL1Ov-CiVC2PtF4fj7TkVa0jqov1Tu8KA_o1UGV1NuZ74DnpCCr19hHbXWn_Pe75x7y4QlprGsDvxYhEW_baWcOMEmltj5lEy0ytS97w-0x3bqeH4ZzQVq0G01ndK00poP6_tVHz0l8P1O9lfb_oMaqYGkC8G4dJbI7UobkH51fWwmbQiTuzFdC_SIFm9hTu0FCP7BrvoOLYzJOdDzq_uo9ltgz5qEyiEZEnjdY1xFFgZVxRRZObr4ESFiJnJrsX1nvLVJb_znbq8T7HA8lUfcbNdTotFrvtYAhgoCXd9-qW_LeCm-FVSjsbdh3d_TAx2Mt6HUcVGysnZWmNIM8mFO2h8fR59bpkHp9h20-F6t4B4LYT3FA7xyvy2mCZ7RWh-cIns-NT3kh53oNKPOKoUfHEBTQ-yLt0P5YNqunnEJtcFLFfRQ6hFbq8ZnoYtJ-kkCqTWdkamNkVxYNkPGLrtETPHu51dvkutzny51jd2qriCLknI0p8b6OapeKI86VryRtkYo9kzxs-NyuTivVX_A3BhWnHRa8hAVarXLRWjn2UbKCCv6z__1V9lbcs9UXg8jfIRkF179kArIPs7gZA2N-Z0yoS_L5dS4Ql_4mBM3EfDcGp4PaRBvMtrnly_H3sr6BQi3EbGJo1EKpDJolVL-n2ylYTFCoa290oUr-xjgKIusMTnpUAxbzImasHMQhob-y9AdS-zBV7LsVItXYmDMAzcy6vgovEvMKz9mXXdxyIhLILVrPpW_SYOj_t5Xr1FLZOTtDzZHf0nLdf8T_QILJd4ejA1MZG4crAdue8wkOohwMARnmaxQabkSEFkiiwxj3F6NiOdQVPTVbXsJcRmVaPebGyemIOUASMQdVoZU43OB_FHFogR5Mvh0vkfCHZ_cd2MGP4Tz9_Rj9rJmGESOedCt3h2FE8IarBteyTUjb16Uj77dA2y-M71Nj7HvvmvHO3OZyFvy0dGrAS22_JtOUL1qr_ZgDHQMkm9HV6XmDN5CEYy2H7Ovg9dMs7Tstk2p83mDxp_Iw3-NuBu80Rb8LA1MWlR9ZNOh7LqDPUAS6WnODt5C85VtnrLRjef01eSAY2Lax3nb0wYa5ouK2VkdaBLj8UtebXo0Q8cQ3znDShKtzdPqUS1GKuTUQK59sh4pm9jv7vf8a5YGSqhYZjMMC2h2_hemzYEakZ2SLeCr6XCKukEbYyIA47lZAyLN1M2Pfxwv86HUja1AxWc_0hQBy71nYfbfKzXODhoUMDPJfZzVbrlBaqn9f96bMHwgONIbVvQ9iQyZ9lj6s5UXu2Z1GPIurni9DjpLRm_X9wJyz2pwXMx0u8zzF0dkVVthCWTurxvtjEn0MuP1vZpeFz4it8jBoaAaCOia3cQJ28-iiPP8jI6T8Zak3gpVUU94cRxJy_hdRt6bs-LBoJzSunYYH3HdgY-vTb6aFe5YsdTrhw1QyXiZzM4N6YHw5x8RuvIeUvxedXAO0jfo5J-PJHq6r9wxcXbCCU4DFs80tKRwAOLQhip-3c_OyTDc_PVQiZqSJUFJDoMSEs4U3nwXTByfvKMihod_C_FZHDk8_h16777kPVouXTWm6N_HQ8y8m5_4xJgn9Xo0COfbWPv7QAIhWHMYrwrmZsWLG9Fa-jItiMa3eDiM0emzicTt7L1jCdBceeRliB-2aAS74Z15Mtyd3wU2DDgsQRqW2nfLGAJ_x59DCeviEtPRJaxL0eWUCDp_EqJxTK3XJybKiMkquoBp2s93_dD8rjAHl5Y65xewGN2s67Kr8gbmyNdUIUUGCLvQ2VqWuuYpqocz-AbFU0x1SWgVZfrNhpPuPOVez27lAbFR54VFdjztLNcaj1FDX4yD0GhCDx8-QH_WKivJwTJanuA8OhAH4z_cdW3P16zvuCgy_afQpTo79eNUglg8UL9IP7neLUYvPWk5qlaYowLKKCKBKo0QJKM4RaKxUfYU8bIlkwbQDMxYksUYrHI_FqPGf0rcfJm2x5AEyb7i_yrBdF_hIx5UB0v-BkXH_TzZRCXJneBB7XEADZxegqvRE57XnEkMsiFNima-EmI-elLcAAfI-XpuoJlJHV_Y8LcCvSBdP_D1X4ck0RDGo4II_RbCVhGaUjaYmH3uxeMKHW8aSc7zjdylBQU2FcGNLtXVWiQSHfNhBfzX_RcMyRqvIlrmPVJRsmDFGNCms4943cSuZgXdoYfHNePoAvEviM2KR2fjM7z0FY5w4hvYtPQNJJTEvNiXWMKOFmkNN57AJR9X1qFci0NizjFkC6_mXVvKUt21NhLfqC_t56x1Tb4U92AUc1UdMzHm7OpFEkRz6lRNJ9y4C2RoTUbvT8Ryu70sLNGFYWOaK3Xan6nWsLj5Ktpdu3os3JvBqq_Y2vqfKFAIhA7egL4UWr6a029LboC4ij_40FCVDhPS2ub2EeH1mb0eQrDjfsdNx1RAsVfTyheGyHqOOhC4-5K9mC3brHCS6WTOpnDyQluk5y6KZBU0GrCER5RJshrRytEBxvrqmj8hWkwm7G3iH4y9RnM1SSi2cfoPHiGg3Z95zjXrk_ig4Qw5vCUI3hj4qVZNucrpPHuI7A8T23BJ22dOHcTQgAOh1nhxNealjerigoxYL3neXbLwmIwK7ysNSYAcFkYo-gnSMUq8JNgICzDFTr17Bxvmjp4bbuej6Yf452WsFep0YhyApG3X8CRVGjgcDh5_Bjqw7qcCGqfAPemZsj1WZYI2ywdJ6oXAO50fOrdsBCfqvVWmowP4R4BYxGYTIao9tiurjuPmylNrrqJkQLd3Od4yEb15z4IL0FFhkj_QDNuVUPWo4FbP0kV3HrSvKKK40pRCX9v6vmz5Iyy1Y6L5lCLQVcg2Eow_47we-kZbtp0YiyO114u8A6xy1CbijYgj-AJdCzugmFgSd-5baL_bIRF9Xvt9Q9_13C5cqhZj0MbCAGpRg4zPWYZiNVjWaQZAi7hGWIu82rG-42Am_oJ3ygL7_CXw6oh9ubF0h9oLTmUDvtIXgxza1G3WeF5USuaDNj4wiAL_o63ybVwbYBVurFYwuyyT-gXeASMX50EXvIDSgu4l8EeC8-TcxuGiA4J68JrRHbzc7N7ITgmHXbtxAzIJwY-5JCtc7jdq7M9gnfdSW-1-RzlR8Q-TPsuNFsjnsY97X3FmY5AydavssqJ6omlyKe7FW1TNuewOkJ-R08pOq7AMV7j_5Mw4k_uk_MJb0c9U-xhmt5zGu2NdOn3uTphEtTiX6p27UyLA&cid=CAASEuRoK5y8vqmBhiyh8dLAoQo3oQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5F35 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Am4lVa7EXCjIhjv4v_MzjKQveQyzX_-Rhrz4VSjzQ084fcJKY1D8RYgLXJufDUB7rF0wk0EY3CogisQuDfjVGOJtnVLnAEIJrpv63R037_B_2lNEDrypSettXoJryx7Cq6FXv-JLQD_pN-zfv5lJwjq3K3wQ&cry=1&dbm_d=AKAmf-A96ypXuddUBHumdV9L_EVGzQ_XYUiUQyUtpvdP9PtmTEmewr9Z9kWeE5VhscuOi-nEifk98kntbGFktnxxpvoKJyidZkIFA9qAQsNXJL1Ov-CiVC2PtF4fj7TkVa0jqov1Tu8KA_o1UGV1NuZ74DnpCCr19hHbXWn_Pe75x7y4QlprGsDvxYhEW_baWcOMEmltj5lEy0ytS97w-0x3bqeH4ZzQVq0G01ndK00poP6_tVHz0l8P1O9lfb_oMaqYGkC8G4dJbI7UobkH51fWwmbQiTuzFdC_SIFm9hTu0FCP7BrvoOLYzJOdDzq_uo9ltgz5qEyiEZEnjdY1xFFgZVxRRZObr4ESFiJnJrsX1nvLVJb_znbq8T7HA8lUfcbNdTotFrvtYAhgoCXd9-qW_LeCm-FVSjsbdh3d_TAx2Mt6HUcVGysnZWmNIM8mFO2h8fR59bpkHp9h20-F6t4B4LYT3FA7xyvy2mCZ7RWh-cIns-NT3kh53oNKPOKoUfHEBTQ-yLt0P5YNqunnEJtcFLFfRQ6hFbq8ZnoYtJ-kkCqTWdkamNkVxYNkPGLrtETPHu51dvkutzny51jd2qriCLknI0p8b6OapeKI86VryRtkYo9kzxs-NyuTivVX_A3BhWnHRa8hAVarXLRWjn2UbKCCv6z__1V9lbcs9UXg8jfIRkF179kArIPs7gZA2N-Z0yoS_L5dS4Ql_4mBM3EfDcGp4PaRBvMtrnly_H3sr6BQi3EbGJo1EKpDJolVL-n2ylYTFCoa290oUr-xjgKIusMTnpUAxbzImasHMQhob-y9AdS-zBV7LsVItXYmDMAzcy6vgovEvMKz9mXXdxyIhLILVrPpW_SYOj_t5Xr1FLZOTtDzZHf0nLdf8T_QILJd4ejA1MZG4crAdue8wkOohwMARnmaxQabkSEFkiiwxj3F6NiOdQVPTVbXsJcRmVaPebGyemIOUASMQdVoZU43OB_FHFogR5Mvh0vkfCHZ_cd2MGP4Tz9_Rj9rJmGESOedCt3h2FE8IarBteyTUjb16Uj77dA2y-M71Nj7HvvmvHO3OZyFvy0dGrAS22_JtOUL1qr_ZgDHQMkm9HV6XmDN5CEYy2H7Ovg9dMs7Tstk2p83mDxp_Iw3-NuBu80Rb8LA1MWlR9ZNOh7LqDPUAS6WnODt5C85VtnrLRjef01eSAY2Lax3nb0wYa5ouK2VkdaBLj8UtebXo0Q8cQ3znDShKtzdPqUS1GKuTUQK59sh4pm9jv7vf8a5YGSqhYZjMMC2h2_hemzYEakZ2SLeCr6XCKukEbYyIA47lZAyLN1M2Pfxwv86HUja1AxWc_0hQBy71nYfbfKzXODhoUMDPJfZzVbrlBaqn9f96bMHwgONIbVvQ9iQyZ9lj6s5UXu2Z1GPIurni9DjpLRm_X9wJyz2pwXMx0u8zzF0dkVVthCWTurxvtjEn0MuP1vZpeFz4it8jBoaAaCOia3cQJ28-iiPP8jI6T8Zak3gpVUU94cRxJy_hdRt6bs-LBoJzSunYYH3HdgY-vTb6aFe5YsdTrhw1QyXiZzM4N6YHw5x8RuvIeUvxedXAO0jfo5J-PJHq6r9wxcXbCCU4DFs80tKRwAOLQhip-3c_OyTDc_PVQiZqSJUFJDoMSEs4U3nwXTByfvKMihod_C_FZHDk8_h16777kPVouXTWm6N_HQ8y8m5_4xJgn9Xo0COfbWPv7QAIhWHMYrwrmZsWLG9Fa-jItiMa3eDiM0emzicTt7L1jCdBceeRliB-2aAS74Z15Mtyd3wU2DDgsQRqW2nfLGAJ_x59DCeviEtPRJaxL0eWUCDp_EqJxTK3XJybKiMkquoBp2s93_dD8rjAHl5Y65xewGN2s67Kr8gbmyNdUIUUGCLvQ2VqWuuYpqocz-AbFU0x1SWgVZfrNhpPuPOVez27lAbFR54VFdjztLNcaj1FDX4yD0GhCDx8-QH_WKivJwTJanuA8OhAH4z_cdW3P16zvuCgy_afQpTo79eNUglg8UL9IP7neLUYvPWk5qlaYowLKKCKBKo0QJKM4RaKxUfYU8bIlkwbQDMxYksUYrHI_FqPGf0rcfJm2x5AEyb7i_yrBdF_hIx5UB0v-BkXH_TzZRCXJneBB7XEADZxegqvRE57XnEkMsiFNima-EmI-elLcAAfI-XpuoJlJHV_Y8LcCvSBdP_D1X4ck0RDGo4II_RbCVhGaUjaYmH3uxeMKHW8aSc7zjdylBQU2FcGNLtXVWiQSHfNhBfzX_RcMyRqvIlrmPVJRsmDFGNCms4943cSuZgXdoYfHNePoAvEviM2KR2fjM7z0FY5w4hvYtPQNJJTEvNiXWMKOFmkNN57AJR9X1qFci0NizjFkC6_mXVvKUt21NhLfqC_t56x1Tb4U92AUc1UdMzHm7OpFEkRz6lRNJ9y4C2RoTUbvT8Ryu70sLNGFYWOaK3Xan6nWsLj5Ktpdu3os3JvBqq_Y2vqfKFAIhA7egL4UWr6a029LboC4ij_40FCVDhPS2ub2EeH1mb0eQrDjfsdNx1RAsVfTyheGyHqOOhC4-5K9mC3brHCS6WTOpnDyQluk5y6KZBU0GrCER5RJshrRytEBxvrqmj8hWkwm7G3iH4y9RnM1SSi2cfoPHiGg3Z95zjXrk_ig4Qw5vCUI3hj4qVZNucrpPHuI7A8T23BJ22dOHcTQgAOh1nhxNealjerigoxYL3neXbLwmIwK7ysNSYAcFkYo-gnSMUq8JNgICzDFTr17Bxvmjp4bbuej6Yf452WsFep0YhyApG3X8CRVGjgcDh5_Bjqw7qcCGqfAPemZsj1WZYI2ywdJ6oXAO50fOrdsBCfqvVWmowP4R4BYxGYTIao9tiurjuPmylNrrqJkQLd3Od4yEb15z4IL0FFhkj_QDNuVUPWo4FbP0kV3HrSvKKK40pRCX9v6vmz5Iyy1Y6L5lCLQVcg2Eow_47we-kZbtp0YiyO114u8A6xy1CbijYgj-AJdCzugmFgSd-5baL_bIRF9Xvt9Q9_13C5cqhZj0MbCAGpRg4zPWYZiNVjWaQZAi7hGWIu82rG-42Am_oJ3ygL7_CXw6oh9ubF0h9oLTmUDvtIXgxza1G3WeF5USuaDNj4wiAL_o63ybVwbYBVurFYwuyyT-gXeASMX50EXvIDSgu4l8EeC8-TcxuGiA4J68JrRHbzc7N7ITgmHXbtxAzIJwY-5JCtc7jdq7M9gnfdSW-1-RzlR8Q-TPsuNFsjnsY97X3FmY5AydavssqJ6omlyKe7FW1TNuewOkJ-R08pOq7AMV7j_5Mw4k_uk_MJb0c9U-xhmt5zGu2NdOn3uTphEtTiX6p27UyLA&cid=CAASEuRoK5y8vqmBhiyh8dLAoQo3oQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Jan 2023 14:31:38 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 8458 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
Origin
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 18:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57096
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 18:05:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame 8458 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVKOg-uP_mN0AQ76M__TkLbcY-zr0nO01-i7-qz5iiXkVqJhEwwHY9DdIPb1p35BsYTRqBmLHjE7qxqQEjuvZ3rGIV9HlvBv8ArblkhUqKEWUEbf9qyVbVkZ_ZJ3X-IVblxOk2Gs6SCfS50L6EkXj9BKcluA&dbm_d=AKAmf-Ag7q3YD7Kv0JXVyJzDdCV7rIJZRCkFWQEzfbyZZXNcmK5KogrwAw6z3g3_h0-JVVDenFOZPAnm_6b-F3MgO8Dy4Eva8TFkEkdvHr9h7OmwGYR2fd1tOF2MZWeF-z8mWLoIbQMs51uLewvTpxC3IEFMxrsfDV7WnA8E130Gyl7txP1S9shm-LMvRksZ6kc87HPbYl3WJd4aqMoiPW6ZPp1iQpxlbFZ2EaAry3mcDHehF9WLdZiguXOzd5hAVbX6fBXBoqw8i-z3GLD-iq57iR0IKa8jqaGtRTDwu0DCdDw47NfdWE1L6NWczAnpD27t_qyF4UGoTFs92Jquj73OoOseR5jwZcyHlrWsq0lQm_K_Q87A1HBK62vlNZzM9ZxSpSYUj37bCNDWSyVMeKauhTdojJIfcTeXk17q2Me-I0XjuOEl-hARIF6BKvrn25yJfezuSh75thQ0iIpEXq7rAwQRfVNsKt_RIIUmDRV1d1YmEZGmKJ8VehEtQQ4ibH2cuZ0QRzOJNp2YVB2IhTj5iHnIBGHYVJCKnEyy22OPqYj-T51dz2Acptwo4Nff9k-sede7uX8qrb1Imwat7nS42G3UWhJxicFqW-zFZ7Qbgb16TyE899BJOsoF8EnaeDLEratg9xEzebljAupesbVeU0YbVL44C9VKlM_Rz3WIGVHffcVfCC89MtHoQgDieAliFdQsD_Q7ZN0f-tzQbGSIC8f-HvtJ8erIr7DLVY6nnhPGP0lZmOcKEufrq7I9edNVh7bS7XuXxyTlbLAkg8uPy-qRZLN6yiB8SoqPLBgBPWgJDnDJ3dDK15xRFc-V97NA-b8OEDZn7pvnAYU95UNbt7jYcIY5FFxpdA6-BNA2gnxp6nW6SjSjYDCbFOCI7lLayKV02PET20cAZaYHlk-leSI-E7gldk9KfiSoDtiL50Xb6Dwzx-ZdEsxLLsWSDco2gqubWmybwQx2dHGI8SNpLsfUArZOnB2XT5PkztZGq-7ftsx6sFKrozJCZCc7oXQJQVYlKvgX4rUqF5NCbM8fem0tpO356LVfM5w3kPePO62v02KmDhFdWbQWHNRqVsW0UFOyVaraku6VmU0Bo4Z1CDcEtItF3rX58t1k1znmKbnbHApnIBK9ZejwLuEOwn7AI_b5941m1vOTSDzYz9SBLnxJM8PsNyYMA5JHKNO2KYaE6jylaSW_MYiiGW6TGzdYvnpKPqIQRH6Y3n8sKjwqosYFJOXfzXA_tp-Oi6_Yu3sTrzAN82WJWMayE5NpKSrNUiAL6XFvQ4QJ1kXIi9sOIRp6qP9AUCg2oSPSopM_ogJjcfzt5M9lEPUV3tNys0oapj2IJaNNDPxzwCoJzeeVyqNq0IIgPqJM-sur5L1hstPM1IsdSko4soxT1d_8jmUAR4-1rMnx9vI_ssUm_q78vVI7jUjMy3dtX6uQsjV4S-5kBqJsDzD5TaPLo0d6tH3xgw0iPfeHVLcnj3l7pVsYcBlCx9mwaUUXZHUbjBzpyQWARprd9GEeeTut_pmpfL4VTyxxAQ5YBe-QT8xsCXmJsrJCLfAXBORQWotOFgSJjDBuZeuZYK8L1DmAwhbOZQOu8liRNq3n2uKPaCqh-hxqH5qzqCDkgVZ87sV7QqTyNCnFrP_dHC4LSIZv5HgKXt-dEVqf1IrX_nLRLoEIRvFFd8N_06s1SQxINZtt4xhKz50gtNXA-0GDtcuUlDicNzeK_2fcIxbEA8NFMBdMgwxMTgLTFwvmW1vUZuZYpr8L1GB4NI4flw722nwVZks8Rey0JTtq21GVi8FgiJ2cCLvYmZrh2Ey50zFiOAVa5M7EeK159ypdrYT1j2FJIRUdRDVeCIkNmzRv8nDeOcg9IfGLYa9tEVW75zV3vAR-j-r5mlutJE0R22OuT-wQwNP1kGFct357YUbEmm9czt4hjS2BmhjOVJM-6hlMtUMbSTaDM6b-IWg11ON3AIiFiYOpUYqfm_3mFSegqXQlnHyp_D2YNqnu704SvN9ATx3CoyXq03Re0Q76X9T7in07zO9gwBKGi2IcG8d-aaD2cDsEOOCc0USeOp8s8lhyKOJeZ3D0_SG29Hx7qEg9vYK9w1GSXrV_xnenJ6nipGhX2nua2utrdIkA9JvdzurSc0VDxzllCt66-Ehey5OQ9NO36kFL7VXApRDZcWlWWXos7w7u85twlljCOfjeoyhL_CCF1AXmGVCUHYCA5fBCGq8B5flYVVcQk3hqS46_UmbTuBwK-krlSZxMUFrrr8NFNleHkygQ8QSNocd1ka8Q6K_GGEpMeDil5danVXCZDXv0811FaRcGpqIUCMlI2ELXYJaSi308vkKg0pgmhPGGMfyCTTjPIDg77ZitByoLA4iPsrhjjMcpkvTCKulWF0gpbC164rJX65wnBDRVBjjIin24X05POPS1z46Lg0yAxVt0MLXWr5Cxo3Xm84YhMZSzdsZldEwx36iNHsSXc1C5vqmBi1RoDdurqqIZI_Y2qETzV-hLiKbv2PtMcqoapbkkgn6NYlDefb4zHJ8SbVnezKgLYx4w4Qqu7_L-El6i3vvxnqR0hGH_Pvf-MKlY1xfUWHm1a1wuouwbfaqqJrFWPG1VU126wE0ldi0gqW3ZdnRdmkYybuSSzGAiNxqltrf_S6WZb-Z5Qr7zoSeQkdB0OhjpYWM0QPkgxXiYHT5c_0wUPihTCjtlse79E9x9TcoORDRYYGyL3LQ90__-36u9M6n3wVs5l3nYm_Sq4E_e4R8ogfhmVtRjoyGknlXs-TzaMeiBa-f90f5n1k1z21fFgHSyIHOWrqTHzcLgmvFHKsGgHdWZ9lVxu7mNll1NLmyjQr4qf54yj24oV6t9XrvIF5UItyD6JUVsn8jL2UvVH1g-XO_pVWmWiBdX79eEDjsKwciXd8SIwhix6t-jqrVzyiCPzfEcLbfZKX3zxiFNPBuvAOAZsukp8Xx9fQexjktpISVoE_O1KJ13iebtzwzn1LTWign4V7M-4eLdNlO5VylQidK7c-9vF3iHJDNZSuO46eyp1d-xkWFVhXNjpAj7WrTXWmFS5dCmjjiAAlrs_BrnxdNXfLP6ARAhFny5r-Z5st28ZltJWJ0pkhX2Ok1MoIvWgmW9l6ul_4CyWQDxeLHwyCYofRaC3NBPJ7aSfLw4lH-jmLTMvkexOljG5P3tC8rK3IHTZw0HaiizGbqNokVwFOkazpnfq43KAhveke1N-wJ7U4r9ihJ5l0koOFlZtf-qkjRBh_nF8gzHbUVX91e9D-HrZoTu8-eAu06Bdfx9uUhDFCZOD5J1chCMbflUwxYwsnnSWqofAzUmupgg&cid=CAASEuRok8HxHJbsjTN3xH9sYp1rAg&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:36 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 8458 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVKOg-uP_mN0AQ76M__TkLbcY-zr0nO01-i7-qz5iiXkVqJhEwwHY9DdIPb1p35BsYTRqBmLHjE7qxqQEjuvZ3rGIV9HlvBv8ArblkhUqKEWUEbf9qyVbVkZ_ZJ3X-IVblxOk2Gs6SCfS50L6EkXj9BKcluA&dbm_d=AKAmf-Ag7q3YD7Kv0JXVyJzDdCV7rIJZRCkFWQEzfbyZZXNcmK5KogrwAw6z3g3_h0-JVVDenFOZPAnm_6b-F3MgO8Dy4Eva8TFkEkdvHr9h7OmwGYR2fd1tOF2MZWeF-z8mWLoIbQMs51uLewvTpxC3IEFMxrsfDV7WnA8E130Gyl7txP1S9shm-LMvRksZ6kc87HPbYl3WJd4aqMoiPW6ZPp1iQpxlbFZ2EaAry3mcDHehF9WLdZiguXOzd5hAVbX6fBXBoqw8i-z3GLD-iq57iR0IKa8jqaGtRTDwu0DCdDw47NfdWE1L6NWczAnpD27t_qyF4UGoTFs92Jquj73OoOseR5jwZcyHlrWsq0lQm_K_Q87A1HBK62vlNZzM9ZxSpSYUj37bCNDWSyVMeKauhTdojJIfcTeXk17q2Me-I0XjuOEl-hARIF6BKvrn25yJfezuSh75thQ0iIpEXq7rAwQRfVNsKt_RIIUmDRV1d1YmEZGmKJ8VehEtQQ4ibH2cuZ0QRzOJNp2YVB2IhTj5iHnIBGHYVJCKnEyy22OPqYj-T51dz2Acptwo4Nff9k-sede7uX8qrb1Imwat7nS42G3UWhJxicFqW-zFZ7Qbgb16TyE899BJOsoF8EnaeDLEratg9xEzebljAupesbVeU0YbVL44C9VKlM_Rz3WIGVHffcVfCC89MtHoQgDieAliFdQsD_Q7ZN0f-tzQbGSIC8f-HvtJ8erIr7DLVY6nnhPGP0lZmOcKEufrq7I9edNVh7bS7XuXxyTlbLAkg8uPy-qRZLN6yiB8SoqPLBgBPWgJDnDJ3dDK15xRFc-V97NA-b8OEDZn7pvnAYU95UNbt7jYcIY5FFxpdA6-BNA2gnxp6nW6SjSjYDCbFOCI7lLayKV02PET20cAZaYHlk-leSI-E7gldk9KfiSoDtiL50Xb6Dwzx-ZdEsxLLsWSDco2gqubWmybwQx2dHGI8SNpLsfUArZOnB2XT5PkztZGq-7ftsx6sFKrozJCZCc7oXQJQVYlKvgX4rUqF5NCbM8fem0tpO356LVfM5w3kPePO62v02KmDhFdWbQWHNRqVsW0UFOyVaraku6VmU0Bo4Z1CDcEtItF3rX58t1k1znmKbnbHApnIBK9ZejwLuEOwn7AI_b5941m1vOTSDzYz9SBLnxJM8PsNyYMA5JHKNO2KYaE6jylaSW_MYiiGW6TGzdYvnpKPqIQRH6Y3n8sKjwqosYFJOXfzXA_tp-Oi6_Yu3sTrzAN82WJWMayE5NpKSrNUiAL6XFvQ4QJ1kXIi9sOIRp6qP9AUCg2oSPSopM_ogJjcfzt5M9lEPUV3tNys0oapj2IJaNNDPxzwCoJzeeVyqNq0IIgPqJM-sur5L1hstPM1IsdSko4soxT1d_8jmUAR4-1rMnx9vI_ssUm_q78vVI7jUjMy3dtX6uQsjV4S-5kBqJsDzD5TaPLo0d6tH3xgw0iPfeHVLcnj3l7pVsYcBlCx9mwaUUXZHUbjBzpyQWARprd9GEeeTut_pmpfL4VTyxxAQ5YBe-QT8xsCXmJsrJCLfAXBORQWotOFgSJjDBuZeuZYK8L1DmAwhbOZQOu8liRNq3n2uKPaCqh-hxqH5qzqCDkgVZ87sV7QqTyNCnFrP_dHC4LSIZv5HgKXt-dEVqf1IrX_nLRLoEIRvFFd8N_06s1SQxINZtt4xhKz50gtNXA-0GDtcuUlDicNzeK_2fcIxbEA8NFMBdMgwxMTgLTFwvmW1vUZuZYpr8L1GB4NI4flw722nwVZks8Rey0JTtq21GVi8FgiJ2cCLvYmZrh2Ey50zFiOAVa5M7EeK159ypdrYT1j2FJIRUdRDVeCIkNmzRv8nDeOcg9IfGLYa9tEVW75zV3vAR-j-r5mlutJE0R22OuT-wQwNP1kGFct357YUbEmm9czt4hjS2BmhjOVJM-6hlMtUMbSTaDM6b-IWg11ON3AIiFiYOpUYqfm_3mFSegqXQlnHyp_D2YNqnu704SvN9ATx3CoyXq03Re0Q76X9T7in07zO9gwBKGi2IcG8d-aaD2cDsEOOCc0USeOp8s8lhyKOJeZ3D0_SG29Hx7qEg9vYK9w1GSXrV_xnenJ6nipGhX2nua2utrdIkA9JvdzurSc0VDxzllCt66-Ehey5OQ9NO36kFL7VXApRDZcWlWWXos7w7u85twlljCOfjeoyhL_CCF1AXmGVCUHYCA5fBCGq8B5flYVVcQk3hqS46_UmbTuBwK-krlSZxMUFrrr8NFNleHkygQ8QSNocd1ka8Q6K_GGEpMeDil5danVXCZDXv0811FaRcGpqIUCMlI2ELXYJaSi308vkKg0pgmhPGGMfyCTTjPIDg77ZitByoLA4iPsrhjjMcpkvTCKulWF0gpbC164rJX65wnBDRVBjjIin24X05POPS1z46Lg0yAxVt0MLXWr5Cxo3Xm84YhMZSzdsZldEwx36iNHsSXc1C5vqmBi1RoDdurqqIZI_Y2qETzV-hLiKbv2PtMcqoapbkkgn6NYlDefb4zHJ8SbVnezKgLYx4w4Qqu7_L-El6i3vvxnqR0hGH_Pvf-MKlY1xfUWHm1a1wuouwbfaqqJrFWPG1VU126wE0ldi0gqW3ZdnRdmkYybuSSzGAiNxqltrf_S6WZb-Z5Qr7zoSeQkdB0OhjpYWM0QPkgxXiYHT5c_0wUPihTCjtlse79E9x9TcoORDRYYGyL3LQ90__-36u9M6n3wVs5l3nYm_Sq4E_e4R8ogfhmVtRjoyGknlXs-TzaMeiBa-f90f5n1k1z21fFgHSyIHOWrqTHzcLgmvFHKsGgHdWZ9lVxu7mNll1NLmyjQr4qf54yj24oV6t9XrvIF5UItyD6JUVsn8jL2UvVH1g-XO_pVWmWiBdX79eEDjsKwciXd8SIwhix6t-jqrVzyiCPzfEcLbfZKX3zxiFNPBuvAOAZsukp8Xx9fQexjktpISVoE_O1KJ13iebtzwzn1LTWign4V7M-4eLdNlO5VylQidK7c-9vF3iHJDNZSuO46eyp1d-xkWFVhXNjpAj7WrTXWmFS5dCmjjiAAlrs_BrnxdNXfLP6ARAhFny5r-Z5st28ZltJWJ0pkhX2Ok1MoIvWgmW9l6ul_4CyWQDxeLHwyCYofRaC3NBPJ7aSfLw4lH-jmLTMvkexOljG5P3tC8rK3IHTZw0HaiizGbqNokVwFOkazpnfq43KAhveke1N-wJ7U4r9ihJ5l0koOFlZtf-qkjRBh_nF8gzHbUVX91e9D-HrZoTu8-eAu06Bdfx9uUhDFCZOD5J1chCMbflUwxYwsnnSWqofAzUmupgg&cid=CAASEuRok8HxHJbsjTN3xH9sYp1rAg&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:38 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/913323/59535428/ Frame 4E33 		230 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/913323/59535428/skeleton.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.91.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-91-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d56e4a7af37794743c0341c8a0f7d7562ffafe9ca89b4189cc25228b75e5dc9a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-server-name
app03.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 4E33 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
Origin
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 20:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 20:53:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame 4E33 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BlWDOSwMfEz_0jCo9DjwklujCiwOK8p1TzWWAyh307dyMJ_-2CMexpa06AJZ6pJ_afqRWWJdjxg9lIk_CSFgYyNneBgCsNPPDtx_g_mS_QC0mn6x_ejGdEnNJpHw3MnvrRGpu3jAMxnLWTjco1GzeSngbU4g&dbm_d=AKAmf-Bjq9Was6QaNt60EWxFZUT9xc2lKQ6J8lyEMnwQG4axrBZAEpxmU9ahE7S59tGI062K9UZLREO2mgJx-ANPuNQUUkmbEDZE9QvBOmooMB7V4_AM0re-JEeIBwxFLUZBB4lEV8HUM9s-uQCHqv4am4IyB3uPo2eRjRXhSDazLASwgTV6qUaPnTFnj5dL11Rw8H32VaIguCXsU2yash6MrrsWPHzfKAqfu9uGfnvX_bULvGbYmN26yXJhPfaGBxr8MyHPKj44TANQDBTQdX_-vd0WWuj97Qic2sd5FB2hZNf_ZLsfI0_nBJ4N57IJzhSIM7U0gEPWO-xN3g-oYYnP8A_yL92Kx-WvMEPqXSA5FIFf4OZkr5tzAm91lIr0OL_kcHGZsQ22i2UXofU5Xoz96vfjGSXHBJYgMOFPeg02RCCB7hyty4DcdPH2bjxx6kJJad3tXIo2FVv_dSHQM0GlyqWFoKULwEf5vVazsyu4St0gnTSKfPgZK-a85JlUeWEHR2OyeHkagqY2thajqlFhYeZzZZxJDlhMLZQQZeO_PBCx_TL4Qlxgbh-kK-3oqPbpxQgkKDaNOmNJztmUZ1cfa_F9j_gpMBY4BOnzMp4H1IzOcOTnxgT63gco5aNw03n6sYtRmigBsARC5FS51fAsA9UBcPXSjaT0W2jV4-eofeb7q72PPMyzMHGQDk4oDUGn6k0FwhnQfg-C_latrZ590btWcjMoLMiRfkFQLjwU9HaC7sQL8z1P-7LB8OlCHQuK-d1CsL3py3mDTZwrbyMHZUKyeS8IqTujc9eWb24dYAExJR9lqjB3jrcbP0yw9DSex040N575So_eYf3dmW-t1IW1rKpnj-bSz2itaEwYH9-61GmDsOy8-Uhv6UsqZl49v7Yxb3FVi4ZKtwoPXDfVYdHyClfsd3Lwezq2BxOIvJNI7Uwze3X6ndQR8rQe2psLdgEnJcbgXmRZq50I1bk_tzROgdxamgz0FOgxOl42IAANoePop6NzNgkUV506Ed8M4PEVSJQOJ-eJ7WzhFn_qxPjhjdWgf-xAFTYHdl1Gy_CUDrTyQnj41EqXODsWqWAUBw6kUF1Yr5Zuo1RJNExDEghqR43St3-xIWnXzXnOsugrEcKgHgvP7t-9FqA9VBoIwCra8WmsMoAdM6GCdaFVOIGY0KAH6RVyqLZFwgZcOUDwP8beAQYkyxgJs_pwVF5d1A5JWXKpLyBjGBaaG72h3PbPkh3nUsTp5v5s461350iGFaswBGnX6ni5Bp_dYLUHVDt9CDRu6GVa5blzu7bMbSRHQtDCsAfzPfk2o0_Jlv8e-HuOessnOP0D6-X9STJBV-KXaRMCyrj7qeE3xV14x242CNpbxiOyuH1YCH2Ur5aS44SEumaPrfrx_h4AtzqQDxMnIE1D9zCoCkpoCGcAq3D-HFDdhpuSIDVyn-MR7pRT82UnNpsyA7auKg1HIk0Zq3dW9-RF--Xxa_g9OzJEqVIOrL4Roh4zCt0pfPajaWMHGeRDWa4QY82fck0MV5-e4YJvZR6tpag82fmSO0w5_i9vgi2xFVlhMvfinIhdyyBG3YqDTMDO9gOEpE5iCNouecggqP4Q6lkN0jokNtLfkcV0y96GsMmTMOyHCCf_TQH8BAW8JehSC8w3d-4yr0rOhBj4lkvQy8eH7-ZluWZ79xJZ9NmzUfp1eM0LM2YtcGuepKIEJ1Pr8LxVBUeC2vv5lrlYUMl9Z0JTKnjdFE0cyorP1sSn6jXWMNNv1j-TA8roUXjtLPkCfD85jOZeg6xBJyZZMVjlaryg3LFPr_3yBisZfm4gnPvjk0uSiEvIegTpXJfr4N_Vz3_8-0Ybq_XZ8ZvwpS1jcCM9raAWaM7n3pbkNseH-1W903n8KwnXYsqsmnnuYXQHAdtlyRjQFCjVw7o1H__rD0eYHrP-nFsIXIbxXfGz9Loqc22r1VlSyuq2cN_5Fp-7CIzPTVF9U9IlWlcvZ4jk82RcYiJb7PTnIK-pD8sRD0PPNJBFQHppIU_wo383z1HsKkP3p5G-WvRdjQokiFB5WtVc-EPe58x9oJuFPVuc8WqT7BZdHYQkcNlfabLnwnPatRV_YjmQMQ6zdFqNK3_OoWFJ2YEoxqNUZ9h5RlhpoaO9ZlJAH1kazcSpzaa6IGENVvAIByypMEdfoqt4QpcAqDbwwcDxiNT9PIv1PvMKtggNi0wxksAmlWA-Z6qrVs_k2yA4a8x_kp36etGvaC0sgVO0xvGC7W-ikbVbm8XSn2HkbvzcThPgcsU7X0ErQx0QZGzDyeSp2xRg8cjbXCJ6BEXf8Y-305C8eY73mt48P2DzgSOHc-16Kk-7E46EipKYgLJcSEelUEWT3uF7NIuuo7RmkBp4XoW-Y4Ecv3LIXUc93Idu52JqhZeW-h87QSb8Jyixtg-xHQDbhXSVrmmEqm3UpKaeVrsrD2OpbptHtp1dRlAk-rE92Fz1pqTmNjD20JVFptr_RVAcwrp_yMf3ghPl-QLeucHWkNeHLOx3ADkn5YrKKk_QAgUZFT3LNxIkWaRL6QcT37oU8S-PjPMnyzSm3MaugMqZRM0-Lo63a8_aYFgyAyKcOnZPjaudmrb4Kdoqp1ZZOOWqeZZVbWdwG9RbanLSOCk3R604o8INroFAasuNKKmGvjelFuLjIQ1Ngb8oHfrebZZcNlx-QdNwuf9mEZkIN7gLcy961BW3dPRXKuJgxA6XeFXJaX33umon8aWRiNInk1uwLO3VUh-YD2EOfNMkGYsnCrd4Bi_ClJ3bc18iT9mDObsxW7K9rT2wMtfp6ZeNLw8UT-bjT4aX8aTdY2o4a9pHhOUZ4ZH7RTEPD3gB7UoG4o8i3LFBap0KAu0Pvm8E4q28DFcqJWB5v4gMl3wt_YdORKFlJCTdGCwU2UrO7yX1C7t1f0HkMftTAyWC6njHIgurg6mhwQzI2ACzfY7rhV7QjpuHavnTs1Y-kX_N9BxgpRyUrYkzwDDyeLso4TvSSoQ1wf2ZfTvqsOBDpzjcvMqF1R0HytcB0sotXUOAc7g7PSVn4drkfSSY77cp6qngg9nrRIU9FSzM4rvlnKmQbtTLhh4_kEXnWzFiMSHwwklmnM3lo-eVr9HUgKYqdcwRs50r1pR2yfjZxSv4Zn1tCwovf-cdRVMUyqaEhG2C_xwqA9k-f0J8-UXFZOrq9KPwCIniewyfVrgdaN2pu49lkW6Qw5eoj3yxgZFf8QaO8bQBLRr2CbZj0M4UAJImhOYWQkBAw_11TGFYQkP-djPpgSFcIIe58De9xVCtPdnMKsgzWDvov_QTL6Mm4RuuFgnmJoIsQyg6JxSDOOUoXkNWg8EWqMQ4TN2PUu_hB9RC7BurONykYiCM_AFiMnN0zqwJCacrNLd2h1fLI7xb30Gc2nlenJ2Mb_mNZ9YxO2Ezfm6p0aTCoLUuvigOpjjvmkaiDIUMxlmEb3LNbESmFvJvjY4NpWt3_B_vIsviRoWrSKP0Mi3OEWkH-4TJ4OXxzZtBUYGickC2BvoL_PEYWOtX1u5f1Hl2mbEM6UcLtqS8x4pvT_6w_KA5C5dkT1mVBPiA92nR5XeuFOoNErYAPErIV34X8ULEiVuSxTeKogaYSVMnQjE27-Kqh70axevtgsXIBzTD1F6ECKFoSr8Y00TyUOV6GAZFXDfEfdBLrZk3FXon6O1EFCqaCg_peOg-6qhKang37E7neypZqf0SBa3hOXLGI68Xsb0ErYVWxSkwOl3PZ0guorpd8yQ&cid=CAASEuRofA9oR6PyfG0gLAEWClJN8w&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:36 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 4E33 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BlWDOSwMfEz_0jCo9DjwklujCiwOK8p1TzWWAyh307dyMJ_-2CMexpa06AJZ6pJ_afqRWWJdjxg9lIk_CSFgYyNneBgCsNPPDtx_g_mS_QC0mn6x_ejGdEnNJpHw3MnvrRGpu3jAMxnLWTjco1GzeSngbU4g&dbm_d=AKAmf-Bjq9Was6QaNt60EWxFZUT9xc2lKQ6J8lyEMnwQG4axrBZAEpxmU9ahE7S59tGI062K9UZLREO2mgJx-ANPuNQUUkmbEDZE9QvBOmooMB7V4_AM0re-JEeIBwxFLUZBB4lEV8HUM9s-uQCHqv4am4IyB3uPo2eRjRXhSDazLASwgTV6qUaPnTFnj5dL11Rw8H32VaIguCXsU2yash6MrrsWPHzfKAqfu9uGfnvX_bULvGbYmN26yXJhPfaGBxr8MyHPKj44TANQDBTQdX_-vd0WWuj97Qic2sd5FB2hZNf_ZLsfI0_nBJ4N57IJzhSIM7U0gEPWO-xN3g-oYYnP8A_yL92Kx-WvMEPqXSA5FIFf4OZkr5tzAm91lIr0OL_kcHGZsQ22i2UXofU5Xoz96vfjGSXHBJYgMOFPeg02RCCB7hyty4DcdPH2bjxx6kJJad3tXIo2FVv_dSHQM0GlyqWFoKULwEf5vVazsyu4St0gnTSKfPgZK-a85JlUeWEHR2OyeHkagqY2thajqlFhYeZzZZxJDlhMLZQQZeO_PBCx_TL4Qlxgbh-kK-3oqPbpxQgkKDaNOmNJztmUZ1cfa_F9j_gpMBY4BOnzMp4H1IzOcOTnxgT63gco5aNw03n6sYtRmigBsARC5FS51fAsA9UBcPXSjaT0W2jV4-eofeb7q72PPMyzMHGQDk4oDUGn6k0FwhnQfg-C_latrZ590btWcjMoLMiRfkFQLjwU9HaC7sQL8z1P-7LB8OlCHQuK-d1CsL3py3mDTZwrbyMHZUKyeS8IqTujc9eWb24dYAExJR9lqjB3jrcbP0yw9DSex040N575So_eYf3dmW-t1IW1rKpnj-bSz2itaEwYH9-61GmDsOy8-Uhv6UsqZl49v7Yxb3FVi4ZKtwoPXDfVYdHyClfsd3Lwezq2BxOIvJNI7Uwze3X6ndQR8rQe2psLdgEnJcbgXmRZq50I1bk_tzROgdxamgz0FOgxOl42IAANoePop6NzNgkUV506Ed8M4PEVSJQOJ-eJ7WzhFn_qxPjhjdWgf-xAFTYHdl1Gy_CUDrTyQnj41EqXODsWqWAUBw6kUF1Yr5Zuo1RJNExDEghqR43St3-xIWnXzXnOsugrEcKgHgvP7t-9FqA9VBoIwCra8WmsMoAdM6GCdaFVOIGY0KAH6RVyqLZFwgZcOUDwP8beAQYkyxgJs_pwVF5d1A5JWXKpLyBjGBaaG72h3PbPkh3nUsTp5v5s461350iGFaswBGnX6ni5Bp_dYLUHVDt9CDRu6GVa5blzu7bMbSRHQtDCsAfzPfk2o0_Jlv8e-HuOessnOP0D6-X9STJBV-KXaRMCyrj7qeE3xV14x242CNpbxiOyuH1YCH2Ur5aS44SEumaPrfrx_h4AtzqQDxMnIE1D9zCoCkpoCGcAq3D-HFDdhpuSIDVyn-MR7pRT82UnNpsyA7auKg1HIk0Zq3dW9-RF--Xxa_g9OzJEqVIOrL4Roh4zCt0pfPajaWMHGeRDWa4QY82fck0MV5-e4YJvZR6tpag82fmSO0w5_i9vgi2xFVlhMvfinIhdyyBG3YqDTMDO9gOEpE5iCNouecggqP4Q6lkN0jokNtLfkcV0y96GsMmTMOyHCCf_TQH8BAW8JehSC8w3d-4yr0rOhBj4lkvQy8eH7-ZluWZ79xJZ9NmzUfp1eM0LM2YtcGuepKIEJ1Pr8LxVBUeC2vv5lrlYUMl9Z0JTKnjdFE0cyorP1sSn6jXWMNNv1j-TA8roUXjtLPkCfD85jOZeg6xBJyZZMVjlaryg3LFPr_3yBisZfm4gnPvjk0uSiEvIegTpXJfr4N_Vz3_8-0Ybq_XZ8ZvwpS1jcCM9raAWaM7n3pbkNseH-1W903n8KwnXYsqsmnnuYXQHAdtlyRjQFCjVw7o1H__rD0eYHrP-nFsIXIbxXfGz9Loqc22r1VlSyuq2cN_5Fp-7CIzPTVF9U9IlWlcvZ4jk82RcYiJb7PTnIK-pD8sRD0PPNJBFQHppIU_wo383z1HsKkP3p5G-WvRdjQokiFB5WtVc-EPe58x9oJuFPVuc8WqT7BZdHYQkcNlfabLnwnPatRV_YjmQMQ6zdFqNK3_OoWFJ2YEoxqNUZ9h5RlhpoaO9ZlJAH1kazcSpzaa6IGENVvAIByypMEdfoqt4QpcAqDbwwcDxiNT9PIv1PvMKtggNi0wxksAmlWA-Z6qrVs_k2yA4a8x_kp36etGvaC0sgVO0xvGC7W-ikbVbm8XSn2HkbvzcThPgcsU7X0ErQx0QZGzDyeSp2xRg8cjbXCJ6BEXf8Y-305C8eY73mt48P2DzgSOHc-16Kk-7E46EipKYgLJcSEelUEWT3uF7NIuuo7RmkBp4XoW-Y4Ecv3LIXUc93Idu52JqhZeW-h87QSb8Jyixtg-xHQDbhXSVrmmEqm3UpKaeVrsrD2OpbptHtp1dRlAk-rE92Fz1pqTmNjD20JVFptr_RVAcwrp_yMf3ghPl-QLeucHWkNeHLOx3ADkn5YrKKk_QAgUZFT3LNxIkWaRL6QcT37oU8S-PjPMnyzSm3MaugMqZRM0-Lo63a8_aYFgyAyKcOnZPjaudmrb4Kdoqp1ZZOOWqeZZVbWdwG9RbanLSOCk3R604o8INroFAasuNKKmGvjelFuLjIQ1Ngb8oHfrebZZcNlx-QdNwuf9mEZkIN7gLcy961BW3dPRXKuJgxA6XeFXJaX33umon8aWRiNInk1uwLO3VUh-YD2EOfNMkGYsnCrd4Bi_ClJ3bc18iT9mDObsxW7K9rT2wMtfp6ZeNLw8UT-bjT4aX8aTdY2o4a9pHhOUZ4ZH7RTEPD3gB7UoG4o8i3LFBap0KAu0Pvm8E4q28DFcqJWB5v4gMl3wt_YdORKFlJCTdGCwU2UrO7yX1C7t1f0HkMftTAyWC6njHIgurg6mhwQzI2ACzfY7rhV7QjpuHavnTs1Y-kX_N9BxgpRyUrYkzwDDyeLso4TvSSoQ1wf2ZfTvqsOBDpzjcvMqF1R0HytcB0sotXUOAc7g7PSVn4drkfSSY77cp6qngg9nrRIU9FSzM4rvlnKmQbtTLhh4_kEXnWzFiMSHwwklmnM3lo-eVr9HUgKYqdcwRs50r1pR2yfjZxSv4Zn1tCwovf-cdRVMUyqaEhG2C_xwqA9k-f0J8-UXFZOrq9KPwCIniewyfVrgdaN2pu49lkW6Qw5eoj3yxgZFf8QaO8bQBLRr2CbZj0M4UAJImhOYWQkBAw_11TGFYQkP-djPpgSFcIIe58De9xVCtPdnMKsgzWDvov_QTL6Mm4RuuFgnmJoIsQyg6JxSDOOUoXkNWg8EWqMQ4TN2PUu_hB9RC7BurONykYiCM_AFiMnN0zqwJCacrNLd2h1fLI7xb30Gc2nlenJ2Mb_mNZ9YxO2Ezfm6p0aTCoLUuvigOpjjvmkaiDIUMxlmEb3LNbESmFvJvjY4NpWt3_B_vIsviRoWrSKP0Mi3OEWkH-4TJ4OXxzZtBUYGickC2BvoL_PEYWOtX1u5f1Hl2mbEM6UcLtqS8x4pvT_6w_KA5C5dkT1mVBPiA92nR5XeuFOoNErYAPErIV34X8ULEiVuSxTeKogaYSVMnQjE27-Kqh70axevtgsXIBzTD1F6ECKFoSr8Y00TyUOV6GAZFXDfEfdBLrZk3FXon6O1EFCqaCg_peOg-6qhKang37E7neypZqf0SBa3hOXLGI68Xsb0ErYVWxSkwOl3PZ0guorpd8yQ&cid=CAASEuRofA9oR6PyfG0gLAEWClJN8w&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:38 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FE51 		363 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLz84QEQkMPrARjtjMG9ATAB&v=APEucNXCHf1eejfV0EcvwSNzfD2YILePzjcxA6POwAfqDm8hf-S50lyi3HTcnQIrDYid_giHxFz7WMeCOQcsHyMcSjJpQIY2uyuJrktYtJgFYs69CqzGETbOMjMb3zM_uTShjL1WE9WxglU1kCeH56sZjQa-liMasWGhKRLkea8CuWfSxffsFt8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 Jan 2022 09:57:17 GMT
server
cafe
cache-control
private
content-length
206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame A688 		55 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De8XvCQ8b5l9wdyelAR59kGt25wg4o7XF3HVCUq2KZBgffsSKW0uaQOH3c8OH0_HsDIDPdvgHI0WFK7xvbIS0aOQMS8pbanXyz6Y5LObem7CqZ5l4ccpwSu-6qk4mPbhA9ypQHEQ76NVDK79Af5KKdsYEqYQ&dbm_d=AKAmf-CtCek3eTisLPE0VsAheFMkWVWnlZW3Ti74j_e_9H1nlsR-ISRJKf6oCmxq7xVIKzHHipywgg25yh4J6bQHaWs693g-wYeTolxsn-Yud9rT4WIbc9zsHzJZEXDV0Zqy_5dDtrmPXuLDgI0M5fTfmndnQFCQBZvSjuD4B8ImN2KEFs_r8dxnjRHT3xNw6fQRJPAiqDRSivghnet7uoJ-hENuQMcIHk0R1rzs6qy4T20fkPYYENYgm2evMZNKmdBrtAScFoag5DuQXeX2bBtnv0_wBYUJ8JX5tbLBTLKeO1WtdMGdBFAfYLD7DTA-sZrTVnlbprqFf35wVYhuxv9awJGJPuFnUP-aO13AI_WQdInUCRG_MhTnl9LBM373QdDFf-D4mJzamQ4Gl3Qu8JuNXyyWxEremzOnIWatMOO9rd7KmgYh7CiHFQpa0Sk4nB-jZLPwQEl5VWt8Jj98vzqoXWywNQLs4vvOmB9e2GdsDeJuAXYMDK4wCxYXsNeQ-x1tqUF2B0UUmPu9ThKwfXqLGYZnZsC9PRJXEt0KQpp185kjk9dRoMglcWxvpj7JSzcmsvE93taaFP-45Wc1V7WW8Gwg9rwmSsMphH3Ra52cS9BGRxI2arvp9kYm7vUJfOiKGxH0VZH55kEzN5nxICi90wS_-Y3gTbtL5jBynz6nH2S1SyQKowJ2rJXBWEvSHd5eyG4TF67c9C3kV9MStZoFhKbNh6tOQImhq77FtiRzh1HG-6zGvnvawT1di5cnHwBIR3W-5_wrg70kSa3WiCQsp8zMrlk9vJPjkvHspo6R6OsjnxTnixj71VHkvAraQ_ZWbCExLFP69vlxLX00XwMviLm0gemUxub3Vz2lVmFl6DZ2fU-vTibsMwjY-hBHINtf4TuEk0LYsUy1XJp0QPxOCp3WehQV40qbvOCLUcOLpogS7d3FuUYSiNYIAneBgghoS5Z120sqbJwg0pVI475Hlzjg_-RwNGEKWutyeZm9uIT_5CRnkolN7hGCU7EcFew_uA_6u4hjWu6GBzZrzekqXB1mbLvfdIDJAG861Ygd1q5-9BpkhkMGBVTDpbSVt9EDfT5IY3upJ7F__PFC0YSQbJYJjUbKyD2v2afUa3tb_rV8Md2KE2JVbr31l9OPwIivbPDxkLKyDGEgttV2LbxCCf3pZdeTdg4G5WQtcoxNcTPpruw88NA7aTOFZWoycmOOmNHCh1gbzaLNRqDb3TNzCziSNibW4-ShBDjbIkkBh-znaM36VcYC_tE25Fgrtd0FWB-MGhCv1zg_Unjtt7hzFsWqR1DbOu9qcuT1CXgZqwcfMgO9Ym9-23wI2TgXw6wnkag7h6UnMNNraTk_I79o6ZLODMfWK9C098JoBh09dZkWwV62jLLg9Fehk1fLIuwDsMwrIY__pWxeZK_vAGZwSqyIh9QF4wqKnRs8QjqBJMFE9s0XLxswNJ7_LAYZoJ5FRVwR3g9NG-v4KmG13b8-d3hbeQMVus1AgXhbD70JLgW4fC4HQjzRB6WT8b3IXYiHYX0ho9f00-r9oA8juQtffJpd6e_LYZJy549sT_8oufqdILLrTuoccDu-YJL4n3cRZnxGMH2PYDEZmg0-DMJDnunfk0PBFu8HYivrIC52lugW9DqtAx8TFh_QUnS7ZKd3m_zumKHtFEPSJoiNqvccJI0VrWP61hYN91It3ohKLbS6ZP1TMI_GPAr_SwMsceZeT-cGojG_MHN_W2cQ8FLJQeh04rzUCEtvCr-0J_lePlkwfR6_bcTx8xQeAhGL8bPVdFvFRMRnsM1ILusRgaj8u0K5OX91OrM0pbKcUaBZy7gnixRlrJhb0_50x1jmdQrd8u9yBWvvlFsOEZVYST8CjqFk19jnvf-oCwzAwrBrPcVL3d_IfSkGbIjfMTz1CJaEV3ieo392FjzlABB-KIcFohLRT4Rb3kieJMY6m9KJT35BUNBRzWP_WBDiF5iu_9sUXEQzU4keFrXkI_mwKMSFBoTK7ushDu5VqxFQdiozCjDdry8d4JniMz7DmMg37_sUmlIFeLJf6yhQbOMdvpPxRZek7VAYJ_YcLIBVdAQRQwV63de2yhVxWYJ1QCtT1upTayePQ5Gl9FgSGLyjEHFr04S6wQcDgNGK8ylFg88cOak6ATK9kmU8RDSmBZ4W2uUJjuokM5xOfJy_Fatjc4tSapUpZRlUbQxcKO_5EzapoUoC5eiCcEIa2L2cxRryp0UyZE9-UPHv-1eyjzyGfpcNwEfgoIv6oi8N0m0XBwONSbgpakBsinQyJoNW8lgKd0bUxyT1zKwAHStxlaNbjUVuv2_7HKthyt8ElL4MN45Wig5sA2LbbFmpFuqN3AQPwrOGDdCLOKPb2aiaPCzWOmeC8hB7dIE8qmZwIueAiXcHdaYtF6Pb6rnew7Lvy_tZp4Druya8e-pp9xpnm1uGbmMqlLtDskVCYUJ3IwTh7DbAyBIZ2t305F2kK7cGqYJSebHig1Zg0XEzVyel524lwt7NQZ8cwNJ0n2aVSWFkx4S60G2Lj5K7bDWMZZT8L0J0VKKoealM9SoNZ5ugdLwVTaPryJ1zXhIj_MTl3eYA_GJ1ybmfhX2LMLq-pFmUeeJDCtxaOxcOr89C2uNi4PQrK10yrMg8BDvyxRQTe5kVqT0oSbWfoh94dujTdke6MCS-mmyCH0D4yICuYILl3NUL8zif1GE9IZkee15iQhdzSP862AOh6xPocNMFcUm1wfkPnN4GQQXpTs-DmVQ4Y3oABqK7UlELdDRPc_-a5gpRV4-PLp0Voz3EmYhjBDnKXMHdBtYBBzd2aPMDrdJ1pSm-joZyMIJzzeyAk81SRePm7fG-wBbfwDjgF078SLQg83jJ0A56B0haXZUpBdHKn7NyW0vpwXAdYMse3ahfCkcU0SZlpJh8uhgNb93w7kwaGPpD3ZcA9wq9aGnJNb9Hbw1i4egCAiVC98j835Qh9k5q26q7R1j_gCfOsyZfJyJCq_1-0z1Zq7nntKuun5OtwNb5R_wp68NwhtwlzxEFqFMZ2QOP5xtO1ExCkoSdNTZKd2m7DL2VJHlm4FpDUDXo5uf8DlGYQgtQne9-GiV2XrOvuRf9_hJpTzifgNWXhbY83t52n4zB6jV2HMLPALz1nhT1TpRs_QhzHnSI8DaniRH2S3yk2MAH9sETEfQ&cid=CAASEuRoZnNEHxPsyAtDHH6oeLhxaQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c8c4b0d3bb87e9f0294631b6c6ebbadf553717441ea9483d51df7d93029be32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27878
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame A688 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A688 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame A688 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
l
www.google.com/ads/measurement/ Frame A688 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSsDS0MNYuUJ_4Ra3ZstwPFSIypC6W8ALeBKdoD6je1DpFpbsnXPGU75a4bUv65N8IuDtnJY2t1Pv4a6mztGO35ln0xEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame A688 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CluHoV0V3giuc2NuRjBs5dAkZwjspQEyQ6oOX8Yj3PtkVoPm0iuRy0Cz3oHUf5x_LZcStP0AcqOK-dskmexXg5_gtKYBdXjnXDpWB23utVOkHkFeQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.gr.19.8.280.js
static.adsafeprotected.com/ Frame 0C38 		188 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.280.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/919015/59742583/skeleton.js?ias_dspID=3&ias_campId=23268776&ias_pubId=pub-6266313190087173&ias_chanId=1&ias_placementId=14569750229&bidurl=https://www.farfeshplus.online/FP45.asp&ias_dealId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a2d9cbe8b064e127245b7b16fa32baf1b1512aa3a3c8bdb3e499a4af1eea2f4

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 23:31:11 GMT
content-encoding
gzip
age
555968
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 11 Jan 2022 23:16:08 GMT
server
AmazonS3
etag
W/"90392bea80ae4672c9e7068b39b989e3"
vary
Accept-Encoding
x-amz-version-id
yTEXMMT7bLWcsJAanoak73m.vg84ulfF
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
5-kvK_njaNDfpATw54XNY6yibSN6nuTXpVvoJ_s5Ai_bGJnNQbia-A==
rum
dsum-sec.casalemedia.com/ Frame 97D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPUjgIQw9WUAhik_IufATAB&v=APEucNVvvBNaWYkkhAqT7IdKeKPXKH3GMcCwBgtV_fYkpfd97Dgayz17FOqq6a9DsH2XbyHIFuPbfRjcTalw_Yy0sS2DswvlNh61lSIqUHUtwRw5dlhUADhx-5MNbQ13M8iFuXerW_odaSC6fJPi7x_5U9zF2CASo2fY3_Z7ZoHy6bUrbOt43LppnmfruQoYs3kMKoHCmaFytCAN3-1t8W4Tbs2UVUlLnQ
Protocol
HTTP/1.1
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 09:57:18 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 97D6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YeaO-dp9OUtgjeqPLoebGgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPUjgIQw9WUAhik_IufATAB&v=APEucNVvvBNaWYkkhAqT7IdKeKPXKH3GMcCwBgtV_fYkpfd97Dgayz17FOqq6a9DsH2XbyHIFuPbfRjcTalw_Yy0sS2DswvlNh61lSIqUHUtwRw5dlhUADhx-5MNbQ13M8iFuXerW_odaSC6fJPi7x_5U9zF2CASo2fY3_Z7ZoHy6bUrbOt43LppnmfruQoYs3kMKoHCmaFytCAN3-1t8W4Tbs2UVUlLnQ
Protocol
HTTP/1.1
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 18 Jan 2022 09:57:18 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAxIdgXNDGi4hBZXgYlVjZI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 97D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDLd-dbc5oht-CQkRrEDZyI&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDLd-dbc5oht-CQkRrEDZyI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPUjgIQw9WUAhik_IufATAB&v=APEucNVvvBNaWYkkhAqT7IdKeKPXKH3GMcCwBgtV_fYkpfd97Dgayz17FOqq6a9DsH2XbyHIFuPbfRjcTalw_Yy0sS2DswvlNh61lSIqUHUtwRw5dlhUADhx-5MNbQ13M8iFuXerW_odaSC6fJPi7x_5U9zF2CASo2fY3_Z7ZoHy6bUrbOt43LppnmfruQoYs3kMKoHCmaFytCAN3-1t8W4Tbs2UVUlLnQ
Protocol
HTTP/1.1
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:18 GMT
X-Proxy-Origin
192.145.127.217; 192.145.127.217; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7d9861fe-e34c-4a53-89d6-0cb1576e2296
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDLd-dbc5oht-CQkRrEDZyI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 97D6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQxOTgxODIzNjc4NzkzMzcwNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQxOTgxODIzNjc4NzkzMzcwNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPUjgIQw9WUAhik_IufATAB&v=APEucNVvvBNaWYkkhAqT7IdKeKPXKH3GMcCwBgtV_fYkpfd97Dgayz17FOqq6a9DsH2XbyHIFuPbfRjcTalw_Yy0sS2DswvlNh61lSIqUHUtwRw5dlhUADhx-5MNbQ13M8iFuXerW_odaSC6fJPi7x_5U9zF2CASo2fY3_Z7ZoHy6bUrbOt43LppnmfruQoYs3kMKoHCmaFytCAN3-1t8W4Tbs2UVUlLnQ
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:18 GMT
X-Proxy-Origin
192.145.127.217; 192.145.127.217; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d2f08b59-3b64-4737-bbed-08236b3570e4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQxOTgxODIzNjc4NzkzMzcwNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 2975 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39ed0d80ffd0bfcf9190be3f48b59dfbf4b21d25bbabc1fbe721d74043f38083

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/8247523/1641901381889/ Frame 0D51 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8247523/1641901381889/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96bdef9ebb22ad09a36b0ac5ac22188269495e5178f76ab7d8ec1cc0fe5d9181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2872
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 18:50:35 GMT
expires
Tue, 18 Jan 2022 18:50:35 GMT
cache-control
public, max-age=86400
age
54403
last-modified
Tue, 11 Jan 2022 11:43:01 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 0C38 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskswBOfWDy0tYsblQQCNmbIlpZJVzkzdRq1vI_rfiTB1JpqIb61RHX81PYbT0Am-g-Gpy96HEEzPopOlxDU6p1d9VIwOXu65dmInG_hMMxr7Zw2Ls5UAKUVP5riW0T58D3Aby4gAlDtOA72lVkKoES-CyZN8o66Covib8QEXlQj1VXji8qM7MJKsuMQf5QMJclDxIWWcOdj6hnk9If-K-Rh-fL_vzJsw8WWwfpurGRbM-doW8K9P1pA5kbGTR5FKCbj2MFOKLamL-e0Nrgb5fD8xxmVe8kKuExm2FtA5Pmg36lOZkamSHYpXkZCCHXQc0u_IjVZpnT61ciBJaYb_EFI2wD7ChZRnMMy6QBcgs1lSpH1sckQPlBQRxNkr0dm2mFoTDmmQGJpCKMFq3xJ9P5OBxkSZBZxPDIEqTWIC0jlS0JQQJ1eM13eeXG8ZjptSnRU5YY0HRJYl8e-y7iJVpWiHX6p-lQXSWOZlEaeAi_l-C7h_uzD6FDGp0kUCA-0u_Y06aYVyZxGY7Mn872VNwVsqtM7mlUHPlRfV5YYdAgNCeQdQnNDHkQmUsyDqVr7Nt1hZ652ve4XoXwDCUeUZ3ac0FipdGz-p-cPTSFGHe-lntHyYQVmThgmeIQRcF77nIe5_xQHA-s7ErYEzGkVYwQLtqLljmRId5yStykwWNOCIy2uChvQotIZI7fEDi8mCk_3Ay8YhMqzUoTqGsWW17laB02BgIHWexuV_egwKjG-8O7GiWHm5QNboi0qNM9JHt-W6_GdCdFKz8xzdcBztQ8U4FyG_wV1cUDyokuHJvKC6G5ltVGIkNZNqTQf8otKQAjnBCYxN3HpWIrZBNMKNSOfHlYDe1fBEUjzRinpJgS8Y5a6kZVcC2-0pocbq3TD3HdX0sbj2OvHksUGh2GNFCECca92lQq5a3qhERH4BBOt9T842cXAflscnawLMMafmD09MpxesRR2347JPbrdCrpAhuVSm_tzK3u-36PLD-BBQ1nGZFQ2jIjm9JxwhC_TmUEERNZW42u3pXdwF_cDJhAz6fUr-RGxcjROodVK4qTo98Z4S0nIyahT-TuCRhbl6ZhRjQg2gVjY1mhLGq_FJNs6dAPilCGXdM3HWERvforoka3esIPsjOMsVaDhXkoRJVWX0M0wH2oP1qwQmihSriqtpwRXFO6F09N34mP9jUNisjwhBE2C0yPYpawPVT8FC-TCfMU0wVmV7yoSjQro0UXXAVXP6HGZgBge5sYnuh3j5BKM4erXQ&sai=AMfl-YRvpMMiGQYr3d4Gpz4Uqkz7OsnB64jabUQfJApi_nnqjqqfJCOBw6qJ6sLkwc9OKovCl_8J-wjrqH2O1acrqVtNUlc25qfoD_cTZvRoC3PJi7Z2m8333Cq_ijXRSSiQpmktAAZPY0TMuh4C4G0RV7UmZI8BxA&sig=Cg0ArKJSzKXHE8Vfe89nEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=609&cbvp=1&cstd=606&cisv=r20220112.86796&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 18 Jan 2022 09:57:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
impression_pixel
t.myvisualiq.net/ul_cb/ Frame 0C38
Redirect Chain
  • https://t.myvisualiq.net/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=27011600&si=7079041&ci=164558803&pi=324858083&ad=516984875&advt=8247523&chnl=-7&vndr=115&sz=10125&u=$$23268776_1456...
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=27011600&si=7079041&ci=164558803&pi=324858083&ad=516984875&advt=8247523&chnl=-7&vndr=115&sz=10125&u=$$2326877...
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/ul_cb/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=27011600&si=7079041&ci=164558803&pi=324858083&ad=516984875&advt=8247523&chnl=-7&vndr=115&sz=10125&u=$$23268776_14569750229_399922152$$&viq_did=&pt=i
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
HTTP/1.1
Server
3.122.144.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-144-9.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 18 Jan 2022 09:57:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://t.myvisualiq.net/ul_cb/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=27011600&si=7079041&ci=164558803&pi=324858083&ad=516984875&advt=8247523&chnl=-7&vndr=115&sz=10125&u=$$23268776_14569750229_399922152$$&viq_did=&pt=i
Date
Tue, 18 Jan 2022 09:57:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ad_impression.gif
beacon.krxd.net/ Frame 0C38 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=rse3golp6&advertiserid=8247523&campaignid=27011600&siteid=7079041&sitename=N755990.4162781DV360IT0&placementid=324858083&adid=516984875&creativeid=164558803
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.87.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-87-218.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1642499838
x-served-by
beacon-n009-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 33A4 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:48 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 33A4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CklbD_I7mYczbHdKC9u8PnMCR-ASrguDSZ5qw_pjzDMSmn6rfGhABIK2JgyZg_YKRhOgRoAHph7_uA8gBCakCZYc6tIwesz7gAgCoAwHIA5sEqgSpAk_QYzqbGaTuNJJcqXWxkxWlvs0vbpgQbzcRImGKV6R8qEsnLlImGOpKJdHkugCjD7RDiUvifD1Dz2vYPjXLrf4Ocj5cS7yNCiWlvv3c0ZoCRtaCg0hXaRo2_LlbXmL_iRJcc_M6DXX5SMDexu7v7ypzy_QCcQ4Iw3MMWY-iErBlgKBobQqj8ZT1n0W4BAt9OMJ8uNSANXaDtIHus28YdAAh9k00rCNPVuLZOQAIgILjbdSc0LnUtjSxuPzjTGILYhqH9LHixVqviK4vGuZYKpoJdXLejJ0EIaSVbMZ9G_6bqyeCCrrJjZ1d6_6BuelbWuyemQZJHvVYEm_Lsmp1A6-G0rcZdqgSeOwl6D6riIad9FQ7Mb-A8cK94u3mS_-ffyrXFr8_ffZY2sAErp_j4J4D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4TwyGGoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQwK8B0ggJCIjhgBAQARgdgAoByAsB2BMO0BUBgBcBshceChwIABIUcHViLTYyNjYzMTMxOTAwODcxNzMYtfIU&sigh=TsgrfaNMT0Q&uach_m=[UACH]&template_id=494
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 33A4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 33A4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 33A4 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:18 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 33A4 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
b08052bb948632636d2eb594b39baf17.js
www.gstatic.com/mysidia/ Frame 33A4 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11476
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 08:34:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 15:07:41 GMT
sd
us-u.openx.net/w/1.0/ Frame A806
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPxS9VvqUP9pv7CV_HC1JkI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPxS9VvqUP9pv7CV_HC1JkI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCE4EIYzrGLCzAB&v=APEucNWVm7VKWfC0tRL70MMgrzPIN7lYZaDsXps48W4C-byV6y8YOfAuR040t_uxQ5bIKyNRSRixLFdNxnV7grDAdBexRi1StgwQKy6-tiuzOoZfzocBVlAy7_iu0xskdosXM2WLOADSWvu67MT-9aybSWvswactMISzFC7thM3uI0n2-ySNr-mwMaQFGMeRmpL5VUh9X3KKPfu5aVNAperkAwnjrgfC1A
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
via
1.1 google
server
OXGW/17.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPxS9VvqUP9pv7CV_HC1JkI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A806 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCE4EIYzrGLCzAB&v=APEucNWVm7VKWfC0tRL70MMgrzPIN7lYZaDsXps48W4C-byV6y8YOfAuR040t_uxQ5bIKyNRSRixLFdNxnV7grDAdBexRi1StgwQKy6-tiuzOoZfzocBVlAy7_iu0xskdosXM2WLOADSWvu67MT-9aybSWvswactMISzFC7thM3uI0n2-ySNr-mwMaQFGMeRmpL5VUh9X3KKPfu5aVNAperkAwnjrgfC1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:17 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame A806
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEA5X2ZqbwNNBfySFjnpriwc&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEA5X2ZqbwNNBfySFjnpriwc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCE4EIYzrGLCzAB&v=APEucNWVm7VKWfC0tRL70MMgrzPIN7lYZaDsXps48W4C-byV6y8YOfAuR040t_uxQ5bIKyNRSRixLFdNxnV7grDAdBexRi1StgwQKy6-tiuzOoZfzocBVlAy7_iu0xskdosXM2WLOADSWvu67MT-9aybSWvswactMISzFC7thM3uI0n2-ySNr-mwMaQFGMeRmpL5VUh9X3KKPfu5aVNAperkAwnjrgfC1A
Protocol
H2
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 18 Jan 2022 09:57:18 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEA5X2ZqbwNNBfySFjnpriwc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame A806 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCE4EIYzrGLCzAB&v=APEucNWVm7VKWfC0tRL70MMgrzPIN7lYZaDsXps48W4C-byV6y8YOfAuR040t_uxQ5bIKyNRSRixLFdNxnV7grDAdBexRi1StgwQKy6-tiuzOoZfzocBVlAy7_iu0xskdosXM2WLOADSWvu67MT-9aybSWvswactMISzFC7thM3uI0n2-ySNr-mwMaQFGMeRmpL5VUh9X3KKPfu5aVNAperkAwnjrgfC1A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-248.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 18 Jan 2022 09:57:18 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
300x600.html
s0.2mdn.net/9903731/1639473459339/300x600/ Frame 53C6 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9903731/1639473459339/300x600/300x600.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26f517dbd0424d16a86e7a9aa94611d5d95c9f036a0db15df89218a16e41208f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2144
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 15:35:04 GMT
expires
Tue, 18 Jan 2022 15:35:04 GMT
cache-control
public, max-age=86400
age
66134
last-modified
Tue, 14 Dec 2021 09:17:39 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
partner
sync.search.spotxchange.com/ Frame 1A62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAKzIAT6nFi8QE0ZelyDwkQ&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAKzIAT6nFi8QE0ZelyDwkQ&google_cver=1&__user_check__=1&sync_id=05a564ec-7845-11ec-8529-1a3233820306
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAKzIAT6nFi8QE0ZelyDwkQ&google_cver=1&__user_check__=1&sync_id=05a564ec-7845-11ec-8529-1a3233820306
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvochCQpY4CGM3Po74BMAE&v=APEucNU8ty2_bxHIt5Mt3tYisM1JTXZUWSYNWCn7z4cYvWfZc2YniiAhsa7dzdqZ_7_qJC12NRAw4FmbsINZhvENSUOKHgpzTWvs-sKFWdbUnObtSLEn610HfWHs0FwppA1Cp7I6srJm0QU5fjEPt-5weAt3HLLONLfcqLnSxDVceuqUnr26o4URDAmFxjxiGfm7TA8LUETjs_6vZ11eZXvCKNj0Ud_G_g
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 09:57:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
120
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 18 Jan 2022 09:57:18 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEAKzIAT6nFi8QE0ZelyDwkQ&google_cver=1&__user_check__=1&sync_id=05a564ec-7845-11ec-8529-1a3233820306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
109
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1A62
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDVhNTY0YjUtNzg0NS0xMWVjLTg1MjktMWEzMjMzODIwMzA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDVhNTY0YjUtNzg0NS0xMWVjLTg1MjktMWEzMjMzODIwMzA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvochCQpY4CGM3Po74BMAE&v=APEucNU8ty2_bxHIt5Mt3tYisM1JTXZUWSYNWCn7z4cYvWfZc2YniiAhsa7dzdqZ_7_qJC12NRAw4FmbsINZhvENSUOKHgpzTWvs-sKFWdbUnObtSLEn610HfWHs0FwppA1Cp7I6srJm0QU5fjEPt-5weAt3HLLONLfcqLnSxDVceuqUnr26o4URDAmFxjxiGfm7TA8LUETjs_6vZ11eZXvCKNj0Ud_G_g
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 18 Jan 2022 09:57:18 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDVhNTY0YjUtNzg0NS0xMWVjLTg1MjktMWEzMjMzODIwMzA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
132
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 1A62 		0
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvochCQpY4CGM3Po74BMAE&v=APEucNU8ty2_bxHIt5Mt3tYisM1JTXZUWSYNWCn7z4cYvWfZc2YniiAhsa7dzdqZ_7_qJC12NRAw4FmbsINZhvENSUOKHgpzTWvs-sKFWdbUnObtSLEn610HfWHs0FwppA1Cp7I6srJm0QU5fjEPt-5weAt3HLLONLfcqLnSxDVceuqUnr26o4URDAmFxjxiGfm7TA8LUETjs_6vZ11eZXvCKNj0Ud_G_g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
shopping
encrypted-tbn1.gstatic.com/ Frame 33A4 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQQYXqWFf0gtS1riUfdZ-cDFFKNtxm1WTca3G1F5i8BNV2b7OEuZurmQkANqQg&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d6feebd450355c99036bde7f128dbe3b49a5381e1530be357a585106a83e372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 19:05:24 GMT
x-content-type-options
nosniff
age
485514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29419
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 01:16:13 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 12 Jan 2023 19:05:24 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 33A4 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ2XHiQmbjG1crsk7PB2KVxwVmUVQ27vonW4z3sBiRCVmfofqr8GxF_fztONw&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28302dc4a1d47dd0441896a2deb5d9061dcaf52f1d776179ecf494d6635e3816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 06:44:45 GMT
x-content-type-options
nosniff
age
184353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31461
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 12:35:34 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 16 Jan 2023 06:44:45 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 33A4 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR3bOnkk_rxQlO17GcXhUP-TrOzanBET3H1v7rgjX_ziTQf9eVuYl9Oq2fc1Q&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56b85b53790f989fcc3f306d74f634fcde57471c61af5c61e451deffe8df554e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 11:27:14 GMT
x-content-type-options
nosniff
age
167404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18598
x-xss-protection
0
last-modified
Fri, 30 Apr 2021 02:04:29 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 16 Jan 2023 11:27:14 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 33A4 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTdWlFg49uimj_dM7miTuL3IUDLs693AzU-llkNaudFpGWMbZyJ5dz3Bl-AIA&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18a8f89bf953e9404baabdd6c9e5c8e0bb356f99d4c7e7259bf5c55affbef4cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 16:07:24 GMT
x-content-type-options
nosniff
age
409794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25720
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 02:24:07 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 13 Jan 2023 16:07:24 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 33A4 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS-vwEquMrqAEy91YEAdlc86j3JT7uYX4Lxdi_sjV0I9alnJ4gI&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f53d966fde824d81737373d60fd0edc349ac72f6b26fe8c5874a8e0aaeb3aeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Nov 2019 16:06:30 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18759
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 18 Jan 2023 09:57:18 GMT
index.html
s0.2mdn.net/sadbundle/15669929445323564715/ Frame B183 		1 KB
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
855ec27b2d920d20d9f118c67e5c71600cf3e3417a6095dda4df7be33648c4cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
585
date
Tue, 18 Jan 2022 09:57:18 GMT
expires
Wed, 18 Jan 2023 09:57:18 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 03 Dec 2021 14:56:24 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame FBA2 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1kVqhwWxXamwTQV9LrKne1rRTe1QuE14SKDLO_KaWDg2C6DDNZHjuZoXOop_8afak4t8VWqAsHOPGvOuL2iD5ZyvZTCVpU2FgqBqcbXZYp0C966d_AVxW5tCyuckoriXmSggXUqq2QF7HTb23F9PFSEvz3i4MNm-Hlwf79q58qceZB5FrnSu_f6HwUSoE3ZUsUa8bct84Hz9PAF05dVm7xGqUvjymLBu-CZOIhuqbSe0_SalgFXljI1PKFWeQL2GWKS_CKayoMe4V6gQ2sGbzTeQYlLxvmEA_zTvnn4gAt2cxtGYl8mbLNE8yzrQijZko74yd8SPhPZks-xlUKH7W2ZVr-R0rUNBVbCVPMoH0XlZDT0Iqf06MXnF-pplk1SWj5IFGEpMCkA7Xnc2nUF-kgJU4V7q1q0tjuRE8q-RLrDJcNWZyXaV8Y0b0tUriFdDVhK6jR0TaGSLFhXThkXyTSz5Mg3A4MZNNevhHXw1RELT8vaK8OM0i9GhHIY04sihw9TDeQELs1Jz7OKppyClHPMinrsDsg_grtcJJxXFiVZslNfbWXaTUP6gbwURrARMSmlK4GSs75B4Bu_fhYcWsd1Qk2MHhhch9Os2IpgRFJEC0dOj82RA9Tf_htbQp0ftSfx5QFkFbndqmeKM-MTD6hzLCLUaNdRgIuzcgQW4gPpEenkrKFEqnIRwKjbsSUmLfY4IU2Kh_2Oeo163m6dmT9s7OhAfQFNLdDLlilRCFOsIo9NxCSyEDjuckPn7aRk3UouD-wo93UUz8Ea9oJwo06hb8KaPS342omifkBrPpBF6dHJB7sDoaGpYJNF7GmA8IOJaKkFVWJUb9iJOWWQBy8wMBO5hc1Km8WMKn0IwUYs1rd7MYBFgX-sfQ9fy9sG0xpdF0vXovq8vStSWqQ7j3CgLCg695BnQkA7gMmIuUG1z36qYVbRRGc9VbHGA4tUwpqOCcmdSQkIv6YQWADUOLmOorUWhRBmETlhkd9Z4hMTcDKVVV7zrtwzPrrV5wjFMnCgQ3nGyUEemCXNZBOzEb8LEyKClN5q9X8Infacx2Kr6Gl80FcgNtQ983kEWTLuCEfgraPU9mrQAb_B0FI4_CyolyoeXaQ917hLlOIVWHXkSZOklamzPQ_PDT1HwbsE0qq7ySOEHviMCxhDSOh567a_qVoL0_auGHyfgEU-Jvboivw4_Jn_BH8wzVbExvjA0kVqBkEMPsoPcbZ-XPWwML-UUanyAfliys5y_sJOVpXf13yBnVTLo2z50aoiw5lxZcZ3IKSvhI3yb0Z3dGEKPTTiNX&sai=AMfl-YQCZGJjxp_kxq1-vyToNUnCrYImrAFYe-s9DvuNOwKGQHATrqd2BPRbcHjNgwwX0Bfp20W5_OpCMD_pwBWpiJZHQ73OunARvEVp33rgUURseLAIN9JccUJ6JiIhIFCmygVxtYzIYFaG2sxyPgG95rB6XGG9pA&sig=Cg0ArKJSzJj7U9OTJajSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=613&cbvp=1&cstd=605&cisv=r20220112.93337&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 18 Jan 2022 09:57:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ai.aspx
m.exactag.com/ Frame FBA2 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_it&extLi=26906552&extCr=162732086&extPm=322830967&gdpr_consent=&gdpr=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Di, 18 Jan 2022 09:57:18 GMT
Server
Microsoft-IIS/8.5
Date
Tue, 18 Jan 2022 09:57:17 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1627
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0C38 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Jan 2023 14:31:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0C51 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 17 Jan 2022 13:26:12 GMT
expires
Tue, 18 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
73866
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0C38 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b036201259949ca453154b8aef567ba49b5a61f6585af607cc1322b4f35baeb6

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9E51 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 17 Jan 2022 13:26:12 GMT
expires
Tue, 18 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
73866
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BC18 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e686e88e93d4e7e87d3dc4536f4f63174391a0afd095abacb2859cc59b54637d

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame BC18 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 18:21:26 GMT
x-content-type-options
nosniff
age
56152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 17 Jan 2023 18:21:26 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 5F35 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=44454688;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CKMev_I7mYejfM7aS7_UP0pC00AGmuaK3Z7aZv_CpDfAuEAEglZvKIWD9gpGE6BGgAZnb4eACyAEJqQJVRqiZDyGzPqgDAaoEnQJP0ImlpyQOVXq8LHOmsnql3y-KCBFj3VGI_cGbPD7-9CLRMtzwKKeHjOs8mGSSJTiiTFNqm7HJXUU43Z3uhb7y3f944Nv38Q-AYeeztQ9jhjwvf6tTvddpwdvCC9xl-CcqYCS-L5fsfXFfuq5sdCvx76GS3dPd50rK3xUwWfbeANtcaQ_ftkZ9TZV-_s_YujG2LcbHQx9lkXcp5Fi9Xdq6q_omImJivMKybiT2KwCJUaqRVqxObr90o7YF3VRWtTrP0HDdZOwBA6SBT4DTRRpRtYIDQDhr90HE8fyz1MKcB_BNT58BsDE0kUBUGYCUnngdNgREuX4nuzpOUzG4oew6UiVDlGWFfyD__BqpE4GWrQpAFX2OSMEzrFwzkA7ABKeMgcHEA-AEA5AGAaAGTYAHz6SenwGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU2MjAwNzA5OTAwNTcyODCACgOYCwHICwGADAGwE7ve-g3QEwDYEwPYFAHQFQGAFwE&ae=1&num=1&cid=CAASEuRoK5y8vqmBhiyh8dLAoQo3oQ&sig=AOD64_1ULGzkaA4dVj6IXinBfTIT7IIVbQ&client=ca-pub-3831894559014614&dbm_c=AKAmf-CHq3cBUU490OCNjvEnutiXubLG3ysIHp99HQMIsl1JRo-DrDsj_QcoPKFR-qNbH3OTUaJ66wZZn6L-KCxOcRxJJynOkCFthtoLvI7bvmPEyPWhMikgzMCh3_Sfne2gBEKH5POcUKz3oFAWKdzXGyoI9VRKAw&cry=1&dbm_d=AKAmf-CkIeplFgm1pkGouS8hEoLbx5nyvKl3q61i3t9pDkLYJO8YkUarhpdurFK0InREN541xMyzD2qrg8MsyWxOAvmKyr15Dh2kMTppmtVCQ_m8kA-Am2reUnlgmcW0ohTRDlWaaMU5u5Krq8jGf4cF3AutlLZTieefh2dOBz021VUtdaNQhb3Q3FkA0C3Lql_mK2i6WQBe0DNdUYzm1fhzY0RfXHCRwq-Tw5KJL34hGW6xxFO6TWxtkLE50jdSO4J7gRJoWwopBmwlpHXl2_Z7MrgLvsykpZeRpgTVpXksLD-Ir6WXOYUGUPFs2YWBVrX2ddjD6bmbZChhznGU2ezltj8VMyTSg90lk41RDRV9IaMqtb5gWCObkfxWDPLC3wcajycAKzocC0Wj_Ti4IcSuA-_7sadgDo3x6NS2Xb7twI8nDpo4SvzZU1oOONHIzvCX9qNKbWue1jNGzgjKdGPmtUc6ER9Fpg&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
18191afabdd55f31f8da7876213eb471318fcbff80cd186aba13bbe8d7461585

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 15:01:11 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 19 Jan 2022 13:27:01 GMT
css
fonts.googleapis.com/ Frame B159 		2 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 08:46:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 18 Jan 2022 09:57:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jan 2022 09:57:18 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame B159 		1 KB
885 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:48 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B159 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3wWf_I7mYc3bHdKC9u8PnMCR-ASrguDSZ5qw_pjzDMSmn6rfGhABIK2JgyZg_YKRhOgRoAHph7_uA8gBCakCZYc6tIwesz7gAgCoAwHIA5sEqgSkAk_QxEtya7pgHR3ec1C8ORg9kn0BSxUHUWpjV1HmFt3otcc6u9SinF4dy1rda-SKkfNbf3CbVY-UkvE-j-Me7zWLcsNCBDYTcNMaAZYL4BNlx04RZ0LCBeskNGXZJi6Hvmv9nLaA7r1XzKRbzulGSGnrWTptWVZ152Lu1BorjIA8LoI2Hsyu8Q9y342wCVNOW5E_QjFkYmKcaOwPuW1XJboANXdknMwWCaT9oB_zpBEIwybQhPqlfmUr8ldRVbN73ahoGSTdrmIXV51OSdNXogugeaBhXznxl2GTihNKCMK9_ZoelEOQ6TeHfdbpcQjkYLUWeMJlXwOurDROMXuMyHSMeit4fkpntZODV2ETCQbHwNtcSJXK7dPadpKioMK49Z4bYgfABK6f4-CeA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeE8MhhqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEJLvAtIICQiI4YAQEAEYHYAKAcgLAdgTDtAVAYAXAbIXHgocCAASFHB1Yi02MjY2MzEzMTkwMDg3MTczGLXyFA&sigh=mPcX5DxMMNM&uach_m=[UACH]&template_id=494
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame B159 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame B159 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B159 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:18 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame B159 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
l
www.google.com/ads/measurement/ Frame B159 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWc22O7bUOqFozRtblkqVFwwbqLqHtIv4yPD7tJNlIkkBrZnrM-QyIegpFm9ntG2ipbZu7AyCdpNYJrY9uUbn5r2fCvA
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
b08052bb948632636d2eb594b39baf17.js
www.gstatic.com/mysidia/ Frame B159 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:07:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11476
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 08:34:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 15:07:41 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FBA2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Jan 2023 14:31:38 GMT
main.gr.19.8.280.js
static.adsafeprotected.com/ Frame FBA2 		188 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.280.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818662947&campId=15562801328&pubId=1&placementId=396633038&adsafe_par&bundleId=&dealId=&bidurl=https://www.farfeshplus.online/FP45.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a2d9cbe8b064e127245b7b16fa32baf1b1512aa3a3c8bdb3e499a4af1eea2f4

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 23:31:11 GMT
content-encoding
gzip
age
555968
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 11 Jan 2022 23:16:08 GMT
server
AmazonS3
etag
W/"90392bea80ae4672c9e7068b39b989e3"
vary
Accept-Encoding
x-amz-version-id
yTEXMMT7bLWcsJAanoak73m.vg84ulfF
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
ZPPFxw4KcJK4OA1XcSQ2-Kna-KFzpZaqZyS_klXxnjl-0XcXBnhsHA==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4830 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 17 Jan 2022 13:26:12 GMT
expires
Tue, 18 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
73866
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FBA2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d7412b3654cfb35cac728b96d2c5fe92c7b01368023b75958ba5562f3ec7d33

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
shopping
encrypted-tbn1.gstatic.com/ Frame B159 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQQYXqWFf0gtS1riUfdZ-cDFFKNtxm1WTca3G1F5i8BNV2b7OEuZurmQkANqQg&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d6feebd450355c99036bde7f128dbe3b49a5381e1530be357a585106a83e372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 19:05:24 GMT
x-content-type-options
nosniff
age
485514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29419
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 01:16:13 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 12 Jan 2023 19:05:24 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame B159 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR3bOnkk_rxQlO17GcXhUP-TrOzanBET3H1v7rgjX_ziTQf9eVuYl9Oq2fc1Q&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56b85b53790f989fcc3f306d74f634fcde57471c61af5c61e451deffe8df554e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 11:27:14 GMT
x-content-type-options
nosniff
age
167404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18598
x-xss-protection
0
last-modified
Fri, 30 Apr 2021 02:04:29 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 16 Jan 2023 11:27:14 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame B159 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTdWlFg49uimj_dM7miTuL3IUDLs693AzU-llkNaudFpGWMbZyJ5dz3Bl-AIA&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18a8f89bf953e9404baabdd6c9e5c8e0bb356f99d4c7e7259bf5c55affbef4cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 16:07:24 GMT
x-content-type-options
nosniff
age
409794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25720
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 02:24:07 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 13 Jan 2023 16:07:24 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame B159 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQRhwy4RZ05psDp02rcYztmqafds1Kl9n1H5cDKEVVUXcYwH_rUjz3YPk1GYD8&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f712c1e362606bf8f7528095249363adb2cdb156b6fd3dbee7814909f3d27774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 17:00:13 GMT
x-content-type-options
nosniff
age
147425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16950
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 05:27:20 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 16 Jan 2023 17:00:13 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame B159 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTa4sA3FtbP2VfHnLKXcpXBf1Xhwhy1F7XkRMTHoct7v_E2TYDzWJJxb1ZcL70&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c0342e7c965d0c5d6c86ac23f9b181c35e40b78503459e55748d41d17a3e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 12:05:53 GMT
x-content-type-options
nosniff
age
424285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19966
x-xss-protection
0
last-modified
Fri, 23 Jul 2021 06:10:50 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 13 Jan 2023 12:05:53 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame B159 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTl3lCmAauqUWids9SOAmif6BtBYMI9rFAPrCw3oIioVhsRaXQ6dQX-zINy7uc&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4082bc229f7bb07422c69a1e02214aa740fcf467378f2a4215d1ebf476e779e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 08:20:47 GMT
x-content-type-options
nosniff
age
5791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35547
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 11:12:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 18 Jan 2023 08:20:47 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame B159 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcScz9OE6PbOa-eFjBY4idFnTFLDRj05G2pkMwMiuJXZPp0XrkqXLvgck4qSLek&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df1cc3f2c21e29e1bc1a8ecd02688dd597adc32d696ddc92804447527ae71922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 14:29:45 GMT
x-content-type-options
nosniff
age
156453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7551
x-xss-protection
0
last-modified
Sat, 07 Aug 2021 13:17:36 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 16 Jan 2023 14:29:45 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame B159 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSFE_1tYmGpB5IbSeHjXVK7s9Eorchs4fPy0VYXMVvYuuQtpdIGPrpzsk4dLOU&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c48c9da6c3f37d6bca75a6538a6a0f9552983f2d7a8ae7926d558f73fbd75d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 07:40:28 GMT
x-content-type-options
nosniff
age
440210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10202
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 15:28:54 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 13 Jan 2023 07:40:28 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame B159 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSPkACjJN9Tk0cFRshIKhHkwC6K3j8RSe7ATUi_DQr06GP7gJKH&usqp=CAI
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2961d6e64a2259862bbde21c985b1e6878e2b3788388aaa52c31ab2e2a84aa1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 09:44:09 GMT
x-content-type-options
nosniff
age
519189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4948
x-xss-protection
0
last-modified
Wed, 27 Nov 2019 12:15:34 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 12 Jan 2023 09:44:09 GMT
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame 9701 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame A688 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De8XvCQ8b5l9wdyelAR59kGt25wg4o7XF3HVCUq2KZBgffsSKW0uaQOH3c8OH0_HsDIDPdvgHI0WFK7xvbIS0aOQMS8pbanXyz6Y5LObem7CqZ5l4ccpwSu-6qk4mPbhA9ypQHEQ76NVDK79Af5KKdsYEqYQ&dbm_d=AKAmf-CtCek3eTisLPE0VsAheFMkWVWnlZW3Ti74j_e_9H1nlsR-ISRJKf6oCmxq7xVIKzHHipywgg25yh4J6bQHaWs693g-wYeTolxsn-Yud9rT4WIbc9zsHzJZEXDV0Zqy_5dDtrmPXuLDgI0M5fTfmndnQFCQBZvSjuD4B8ImN2KEFs_r8dxnjRHT3xNw6fQRJPAiqDRSivghnet7uoJ-hENuQMcIHk0R1rzs6qy4T20fkPYYENYgm2evMZNKmdBrtAScFoag5DuQXeX2bBtnv0_wBYUJ8JX5tbLBTLKeO1WtdMGdBFAfYLD7DTA-sZrTVnlbprqFf35wVYhuxv9awJGJPuFnUP-aO13AI_WQdInUCRG_MhTnl9LBM373QdDFf-D4mJzamQ4Gl3Qu8JuNXyyWxEremzOnIWatMOO9rd7KmgYh7CiHFQpa0Sk4nB-jZLPwQEl5VWt8Jj98vzqoXWywNQLs4vvOmB9e2GdsDeJuAXYMDK4wCxYXsNeQ-x1tqUF2B0UUmPu9ThKwfXqLGYZnZsC9PRJXEt0KQpp185kjk9dRoMglcWxvpj7JSzcmsvE93taaFP-45Wc1V7WW8Gwg9rwmSsMphH3Ra52cS9BGRxI2arvp9kYm7vUJfOiKGxH0VZH55kEzN5nxICi90wS_-Y3gTbtL5jBynz6nH2S1SyQKowJ2rJXBWEvSHd5eyG4TF67c9C3kV9MStZoFhKbNh6tOQImhq77FtiRzh1HG-6zGvnvawT1di5cnHwBIR3W-5_wrg70kSa3WiCQsp8zMrlk9vJPjkvHspo6R6OsjnxTnixj71VHkvAraQ_ZWbCExLFP69vlxLX00XwMviLm0gemUxub3Vz2lVmFl6DZ2fU-vTibsMwjY-hBHINtf4TuEk0LYsUy1XJp0QPxOCp3WehQV40qbvOCLUcOLpogS7d3FuUYSiNYIAneBgghoS5Z120sqbJwg0pVI475Hlzjg_-RwNGEKWutyeZm9uIT_5CRnkolN7hGCU7EcFew_uA_6u4hjWu6GBzZrzekqXB1mbLvfdIDJAG861Ygd1q5-9BpkhkMGBVTDpbSVt9EDfT5IY3upJ7F__PFC0YSQbJYJjUbKyD2v2afUa3tb_rV8Md2KE2JVbr31l9OPwIivbPDxkLKyDGEgttV2LbxCCf3pZdeTdg4G5WQtcoxNcTPpruw88NA7aTOFZWoycmOOmNHCh1gbzaLNRqDb3TNzCziSNibW4-ShBDjbIkkBh-znaM36VcYC_tE25Fgrtd0FWB-MGhCv1zg_Unjtt7hzFsWqR1DbOu9qcuT1CXgZqwcfMgO9Ym9-23wI2TgXw6wnkag7h6UnMNNraTk_I79o6ZLODMfWK9C098JoBh09dZkWwV62jLLg9Fehk1fLIuwDsMwrIY__pWxeZK_vAGZwSqyIh9QF4wqKnRs8QjqBJMFE9s0XLxswNJ7_LAYZoJ5FRVwR3g9NG-v4KmG13b8-d3hbeQMVus1AgXhbD70JLgW4fC4HQjzRB6WT8b3IXYiHYX0ho9f00-r9oA8juQtffJpd6e_LYZJy549sT_8oufqdILLrTuoccDu-YJL4n3cRZnxGMH2PYDEZmg0-DMJDnunfk0PBFu8HYivrIC52lugW9DqtAx8TFh_QUnS7ZKd3m_zumKHtFEPSJoiNqvccJI0VrWP61hYN91It3ohKLbS6ZP1TMI_GPAr_SwMsceZeT-cGojG_MHN_W2cQ8FLJQeh04rzUCEtvCr-0J_lePlkwfR6_bcTx8xQeAhGL8bPVdFvFRMRnsM1ILusRgaj8u0K5OX91OrM0pbKcUaBZy7gnixRlrJhb0_50x1jmdQrd8u9yBWvvlFsOEZVYST8CjqFk19jnvf-oCwzAwrBrPcVL3d_IfSkGbIjfMTz1CJaEV3ieo392FjzlABB-KIcFohLRT4Rb3kieJMY6m9KJT35BUNBRzWP_WBDiF5iu_9sUXEQzU4keFrXkI_mwKMSFBoTK7ushDu5VqxFQdiozCjDdry8d4JniMz7DmMg37_sUmlIFeLJf6yhQbOMdvpPxRZek7VAYJ_YcLIBVdAQRQwV63de2yhVxWYJ1QCtT1upTayePQ5Gl9FgSGLyjEHFr04S6wQcDgNGK8ylFg88cOak6ATK9kmU8RDSmBZ4W2uUJjuokM5xOfJy_Fatjc4tSapUpZRlUbQxcKO_5EzapoUoC5eiCcEIa2L2cxRryp0UyZE9-UPHv-1eyjzyGfpcNwEfgoIv6oi8N0m0XBwONSbgpakBsinQyJoNW8lgKd0bUxyT1zKwAHStxlaNbjUVuv2_7HKthyt8ElL4MN45Wig5sA2LbbFmpFuqN3AQPwrOGDdCLOKPb2aiaPCzWOmeC8hB7dIE8qmZwIueAiXcHdaYtF6Pb6rnew7Lvy_tZp4Druya8e-pp9xpnm1uGbmMqlLtDskVCYUJ3IwTh7DbAyBIZ2t305F2kK7cGqYJSebHig1Zg0XEzVyel524lwt7NQZ8cwNJ0n2aVSWFkx4S60G2Lj5K7bDWMZZT8L0J0VKKoealM9SoNZ5ugdLwVTaPryJ1zXhIj_MTl3eYA_GJ1ybmfhX2LMLq-pFmUeeJDCtxaOxcOr89C2uNi4PQrK10yrMg8BDvyxRQTe5kVqT0oSbWfoh94dujTdke6MCS-mmyCH0D4yICuYILl3NUL8zif1GE9IZkee15iQhdzSP862AOh6xPocNMFcUm1wfkPnN4GQQXpTs-DmVQ4Y3oABqK7UlELdDRPc_-a5gpRV4-PLp0Voz3EmYhjBDnKXMHdBtYBBzd2aPMDrdJ1pSm-joZyMIJzzeyAk81SRePm7fG-wBbfwDjgF078SLQg83jJ0A56B0haXZUpBdHKn7NyW0vpwXAdYMse3ahfCkcU0SZlpJh8uhgNb93w7kwaGPpD3ZcA9wq9aGnJNb9Hbw1i4egCAiVC98j835Qh9k5q26q7R1j_gCfOsyZfJyJCq_1-0z1Zq7nntKuun5OtwNb5R_wp68NwhtwlzxEFqFMZ2QOP5xtO1ExCkoSdNTZKd2m7DL2VJHlm4FpDUDXo5uf8DlGYQgtQne9-GiV2XrOvuRf9_hJpTzifgNWXhbY83t52n4zB6jV2HMLPALz1nhT1TpRs_QhzHnSI8DaniRH2S3yk2MAH9sETEfQ&cid=CAASEuRoZnNEHxPsyAtDHH6oeLhxaQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame A688 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De8XvCQ8b5l9wdyelAR59kGt25wg4o7XF3HVCUq2KZBgffsSKW0uaQOH3c8OH0_HsDIDPdvgHI0WFK7xvbIS0aOQMS8pbanXyz6Y5LObem7CqZ5l4ccpwSu-6qk4mPbhA9ypQHEQ76NVDK79Af5KKdsYEqYQ&dbm_d=AKAmf-CtCek3eTisLPE0VsAheFMkWVWnlZW3Ti74j_e_9H1nlsR-ISRJKf6oCmxq7xVIKzHHipywgg25yh4J6bQHaWs693g-wYeTolxsn-Yud9rT4WIbc9zsHzJZEXDV0Zqy_5dDtrmPXuLDgI0M5fTfmndnQFCQBZvSjuD4B8ImN2KEFs_r8dxnjRHT3xNw6fQRJPAiqDRSivghnet7uoJ-hENuQMcIHk0R1rzs6qy4T20fkPYYENYgm2evMZNKmdBrtAScFoag5DuQXeX2bBtnv0_wBYUJ8JX5tbLBTLKeO1WtdMGdBFAfYLD7DTA-sZrTVnlbprqFf35wVYhuxv9awJGJPuFnUP-aO13AI_WQdInUCRG_MhTnl9LBM373QdDFf-D4mJzamQ4Gl3Qu8JuNXyyWxEremzOnIWatMOO9rd7KmgYh7CiHFQpa0Sk4nB-jZLPwQEl5VWt8Jj98vzqoXWywNQLs4vvOmB9e2GdsDeJuAXYMDK4wCxYXsNeQ-x1tqUF2B0UUmPu9ThKwfXqLGYZnZsC9PRJXEt0KQpp185kjk9dRoMglcWxvpj7JSzcmsvE93taaFP-45Wc1V7WW8Gwg9rwmSsMphH3Ra52cS9BGRxI2arvp9kYm7vUJfOiKGxH0VZH55kEzN5nxICi90wS_-Y3gTbtL5jBynz6nH2S1SyQKowJ2rJXBWEvSHd5eyG4TF67c9C3kV9MStZoFhKbNh6tOQImhq77FtiRzh1HG-6zGvnvawT1di5cnHwBIR3W-5_wrg70kSa3WiCQsp8zMrlk9vJPjkvHspo6R6OsjnxTnixj71VHkvAraQ_ZWbCExLFP69vlxLX00XwMviLm0gemUxub3Vz2lVmFl6DZ2fU-vTibsMwjY-hBHINtf4TuEk0LYsUy1XJp0QPxOCp3WehQV40qbvOCLUcOLpogS7d3FuUYSiNYIAneBgghoS5Z120sqbJwg0pVI475Hlzjg_-RwNGEKWutyeZm9uIT_5CRnkolN7hGCU7EcFew_uA_6u4hjWu6GBzZrzekqXB1mbLvfdIDJAG861Ygd1q5-9BpkhkMGBVTDpbSVt9EDfT5IY3upJ7F__PFC0YSQbJYJjUbKyD2v2afUa3tb_rV8Md2KE2JVbr31l9OPwIivbPDxkLKyDGEgttV2LbxCCf3pZdeTdg4G5WQtcoxNcTPpruw88NA7aTOFZWoycmOOmNHCh1gbzaLNRqDb3TNzCziSNibW4-ShBDjbIkkBh-znaM36VcYC_tE25Fgrtd0FWB-MGhCv1zg_Unjtt7hzFsWqR1DbOu9qcuT1CXgZqwcfMgO9Ym9-23wI2TgXw6wnkag7h6UnMNNraTk_I79o6ZLODMfWK9C098JoBh09dZkWwV62jLLg9Fehk1fLIuwDsMwrIY__pWxeZK_vAGZwSqyIh9QF4wqKnRs8QjqBJMFE9s0XLxswNJ7_LAYZoJ5FRVwR3g9NG-v4KmG13b8-d3hbeQMVus1AgXhbD70JLgW4fC4HQjzRB6WT8b3IXYiHYX0ho9f00-r9oA8juQtffJpd6e_LYZJy549sT_8oufqdILLrTuoccDu-YJL4n3cRZnxGMH2PYDEZmg0-DMJDnunfk0PBFu8HYivrIC52lugW9DqtAx8TFh_QUnS7ZKd3m_zumKHtFEPSJoiNqvccJI0VrWP61hYN91It3ohKLbS6ZP1TMI_GPAr_SwMsceZeT-cGojG_MHN_W2cQ8FLJQeh04rzUCEtvCr-0J_lePlkwfR6_bcTx8xQeAhGL8bPVdFvFRMRnsM1ILusRgaj8u0K5OX91OrM0pbKcUaBZy7gnixRlrJhb0_50x1jmdQrd8u9yBWvvlFsOEZVYST8CjqFk19jnvf-oCwzAwrBrPcVL3d_IfSkGbIjfMTz1CJaEV3ieo392FjzlABB-KIcFohLRT4Rb3kieJMY6m9KJT35BUNBRzWP_WBDiF5iu_9sUXEQzU4keFrXkI_mwKMSFBoTK7ushDu5VqxFQdiozCjDdry8d4JniMz7DmMg37_sUmlIFeLJf6yhQbOMdvpPxRZek7VAYJ_YcLIBVdAQRQwV63de2yhVxWYJ1QCtT1upTayePQ5Gl9FgSGLyjEHFr04S6wQcDgNGK8ylFg88cOak6ATK9kmU8RDSmBZ4W2uUJjuokM5xOfJy_Fatjc4tSapUpZRlUbQxcKO_5EzapoUoC5eiCcEIa2L2cxRryp0UyZE9-UPHv-1eyjzyGfpcNwEfgoIv6oi8N0m0XBwONSbgpakBsinQyJoNW8lgKd0bUxyT1zKwAHStxlaNbjUVuv2_7HKthyt8ElL4MN45Wig5sA2LbbFmpFuqN3AQPwrOGDdCLOKPb2aiaPCzWOmeC8hB7dIE8qmZwIueAiXcHdaYtF6Pb6rnew7Lvy_tZp4Druya8e-pp9xpnm1uGbmMqlLtDskVCYUJ3IwTh7DbAyBIZ2t305F2kK7cGqYJSebHig1Zg0XEzVyel524lwt7NQZ8cwNJ0n2aVSWFkx4S60G2Lj5K7bDWMZZT8L0J0VKKoealM9SoNZ5ugdLwVTaPryJ1zXhIj_MTl3eYA_GJ1ybmfhX2LMLq-pFmUeeJDCtxaOxcOr89C2uNi4PQrK10yrMg8BDvyxRQTe5kVqT0oSbWfoh94dujTdke6MCS-mmyCH0D4yICuYILl3NUL8zif1GE9IZkee15iQhdzSP862AOh6xPocNMFcUm1wfkPnN4GQQXpTs-DmVQ4Y3oABqK7UlELdDRPc_-a5gpRV4-PLp0Voz3EmYhjBDnKXMHdBtYBBzd2aPMDrdJ1pSm-joZyMIJzzeyAk81SRePm7fG-wBbfwDjgF078SLQg83jJ0A56B0haXZUpBdHKn7NyW0vpwXAdYMse3ahfCkcU0SZlpJh8uhgNb93w7kwaGPpD3ZcA9wq9aGnJNb9Hbw1i4egCAiVC98j835Qh9k5q26q7R1j_gCfOsyZfJyJCq_1-0z1Zq7nntKuun5OtwNb5R_wp68NwhtwlzxEFqFMZ2QOP5xtO1ExCkoSdNTZKd2m7DL2VJHlm4FpDUDXo5uf8DlGYQgtQne9-GiV2XrOvuRf9_hJpTzifgNWXhbY83t52n4zB6jV2HMLPALz1nhT1TpRs_QhzHnSI8DaniRH2S3yk2MAH9sETEfQ&cid=CAASEuRoZnNEHxPsyAtDHH6oeLhxaQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:52:36 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A688 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssY3dkrgqaFne1cd7yLd2mteU6edlvaINFU7o64lBqmW09rFSnQ0mySo83oj5DF4oeTNiik5M9trdGkSI1a4Z8gfWVzwQOZP1uMNHyyXkizOpDHkDo4tnfPxYOooxxrojnEhdKCC4ShNqoAcsnSMfG9d9FuBvE8B6YScqnYSQ-ieuKOKO-kfpV6luUeEgxzOVUQcWcT5yW-n6ZyMGV3SCAyjw5a_zsikr541qq3y5fGgyKE95Dop4QgTZx3RXn_zIx3LHBPk-Qvvj-cKxLk3wk2vZYFt_47Nzlh8ei9n-AYhYv2ZONF0l8u88JB5fKMGT962hs_xdMFCMMQn0IQuN_SV5zBPPdoLWT6NU1WNG_PqiUBeaBC28wvNs4CX_hdMVwU7loZKJUYy2ue5f1vNuotk02WFX1RSrnSGVDj5KXemBB70OTrsmEtKKMhlpjEinTSiMe-HwvCulrDHy-TFT9JkwhGrXOgps7cAOzpPS3Dlg33auEqOX1ZhvxFdLV1utwHgIeuFI7deKPcB7kRZzbhbNeK-DoVWYufOUkbOecrh9CviYf_F1qyM0fP7wq9rajXFuQLeGiH0wSg3aojJ6X47kQqGhVCMdWtr9W7pb3pLghhPatqeNghvicsxZ-mmRP_REv3ia6b2UBB6htJ2SH4rzYGccJofn-36_TyR82m5qy16OQorji0vRddvZK4sbcixHsGndytzy7r-aLyEATIT4VGRE8XEBKQGSkybS9mt8zPjb5pPg0viOy1v8kIDSWxsdhhnzTtRKfvrknxBlltIEJM2mG0kagdMduUPL8K1g2mPfrHplAXRSUd0im-iiyZXeBeO0-D9nlp17ddxICVPoL8KzU3M8_kvRohKKRSW-_3AjD1jtwlq5PdB22oM_W2g_wWxJ9vdUvNE1BO65aQtuv6CoD1uBVOMe_JdZ-j8FLBuX57ILLd20CS6_aHoJcAVy2aqRqaa9UyznVLDCm2eck1nLYXhzTcgL2Z-1DzFz3coprNvSoPq7JVAF_lssfRShMXHtu8aX3WoYhzMNvSA_x6b7QxqKUzBs-nLu8aPT5zS0dyX4dcJDg3Il3K0FYbCGLkx2HLi3xxyD5z5d4_e0c0G5ZtWeOVVCN-14KK_60Q1Aaoacogulqu_5OgwlLAeq-vU2wnbRjzJo51DZCLoRPESzQGptLExiTblpNSCPyk1pcHvAyYbcnkZSemGczpzu8rrHjdeKw3sKVMPx5DO3Yb_GMmC7QtKmADf2yCAeo2Q6rhdBTjSgrR7PMAdgy_PbE6wW1Umw&sai=AMfl-YR_dhvcb6jR2OpBWOU2J_uDxMuAzKDK-FbdPetIqHbW96JY7Lki-DfJsypbt81XI6tkL7syLND9Akv65yWfp-Ely_0RviP-7w061nGD4zJlUW_mBiFDvdviymFtK9rmxKm9mZcInwtGi1PHRHn9q4jHiurf_oc-XhytV5xcaNkt3Fw9esraRw&sig=Cg0ArKJSzGrlg29sJeyOEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220112.55649&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De8XvCQ8b5l9wdyelAR59kGt25wg4o7XF3HVCUq2KZBgffsSKW0uaQOH3c8OH0_HsDIDPdvgHI0WFK7xvbIS0aOQMS8pbanXyz6Y5LObem7CqZ5l4ccpwSu-6qk4mPbhA9ypQHEQ76NVDK79Af5KKdsYEqYQ&dbm_d=AKAmf-CtCek3eTisLPE0VsAheFMkWVWnlZW3Ti74j_e_9H1nlsR-ISRJKf6oCmxq7xVIKzHHipywgg25yh4J6bQHaWs693g-wYeTolxsn-Yud9rT4WIbc9zsHzJZEXDV0Zqy_5dDtrmPXuLDgI0M5fTfmndnQFCQBZvSjuD4B8ImN2KEFs_r8dxnjRHT3xNw6fQRJPAiqDRSivghnet7uoJ-hENuQMcIHk0R1rzs6qy4T20fkPYYENYgm2evMZNKmdBrtAScFoag5DuQXeX2bBtnv0_wBYUJ8JX5tbLBTLKeO1WtdMGdBFAfYLD7DTA-sZrTVnlbprqFf35wVYhuxv9awJGJPuFnUP-aO13AI_WQdInUCRG_MhTnl9LBM373QdDFf-D4mJzamQ4Gl3Qu8JuNXyyWxEremzOnIWatMOO9rd7KmgYh7CiHFQpa0Sk4nB-jZLPwQEl5VWt8Jj98vzqoXWywNQLs4vvOmB9e2GdsDeJuAXYMDK4wCxYXsNeQ-x1tqUF2B0UUmPu9ThKwfXqLGYZnZsC9PRJXEt0KQpp185kjk9dRoMglcWxvpj7JSzcmsvE93taaFP-45Wc1V7WW8Gwg9rwmSsMphH3Ra52cS9BGRxI2arvp9kYm7vUJfOiKGxH0VZH55kEzN5nxICi90wS_-Y3gTbtL5jBynz6nH2S1SyQKowJ2rJXBWEvSHd5eyG4TF67c9C3kV9MStZoFhKbNh6tOQImhq77FtiRzh1HG-6zGvnvawT1di5cnHwBIR3W-5_wrg70kSa3WiCQsp8zMrlk9vJPjkvHspo6R6OsjnxTnixj71VHkvAraQ_ZWbCExLFP69vlxLX00XwMviLm0gemUxub3Vz2lVmFl6DZ2fU-vTibsMwjY-hBHINtf4TuEk0LYsUy1XJp0QPxOCp3WehQV40qbvOCLUcOLpogS7d3FuUYSiNYIAneBgghoS5Z120sqbJwg0pVI475Hlzjg_-RwNGEKWutyeZm9uIT_5CRnkolN7hGCU7EcFew_uA_6u4hjWu6GBzZrzekqXB1mbLvfdIDJAG861Ygd1q5-9BpkhkMGBVTDpbSVt9EDfT5IY3upJ7F__PFC0YSQbJYJjUbKyD2v2afUa3tb_rV8Md2KE2JVbr31l9OPwIivbPDxkLKyDGEgttV2LbxCCf3pZdeTdg4G5WQtcoxNcTPpruw88NA7aTOFZWoycmOOmNHCh1gbzaLNRqDb3TNzCziSNibW4-ShBDjbIkkBh-znaM36VcYC_tE25Fgrtd0FWB-MGhCv1zg_Unjtt7hzFsWqR1DbOu9qcuT1CXgZqwcfMgO9Ym9-23wI2TgXw6wnkag7h6UnMNNraTk_I79o6ZLODMfWK9C098JoBh09dZkWwV62jLLg9Fehk1fLIuwDsMwrIY__pWxeZK_vAGZwSqyIh9QF4wqKnRs8QjqBJMFE9s0XLxswNJ7_LAYZoJ5FRVwR3g9NG-v4KmG13b8-d3hbeQMVus1AgXhbD70JLgW4fC4HQjzRB6WT8b3IXYiHYX0ho9f00-r9oA8juQtffJpd6e_LYZJy549sT_8oufqdILLrTuoccDu-YJL4n3cRZnxGMH2PYDEZmg0-DMJDnunfk0PBFu8HYivrIC52lugW9DqtAx8TFh_QUnS7ZKd3m_zumKHtFEPSJoiNqvccJI0VrWP61hYN91It3ohKLbS6ZP1TMI_GPAr_SwMsceZeT-cGojG_MHN_W2cQ8FLJQeh04rzUCEtvCr-0J_lePlkwfR6_bcTx8xQeAhGL8bPVdFvFRMRnsM1ILusRgaj8u0K5OX91OrM0pbKcUaBZy7gnixRlrJhb0_50x1jmdQrd8u9yBWvvlFsOEZVYST8CjqFk19jnvf-oCwzAwrBrPcVL3d_IfSkGbIjfMTz1CJaEV3ieo392FjzlABB-KIcFohLRT4Rb3kieJMY6m9KJT35BUNBRzWP_WBDiF5iu_9sUXEQzU4keFrXkI_mwKMSFBoTK7ushDu5VqxFQdiozCjDdry8d4JniMz7DmMg37_sUmlIFeLJf6yhQbOMdvpPxRZek7VAYJ_YcLIBVdAQRQwV63de2yhVxWYJ1QCtT1upTayePQ5Gl9FgSGLyjEHFr04S6wQcDgNGK8ylFg88cOak6ATK9kmU8RDSmBZ4W2uUJjuokM5xOfJy_Fatjc4tSapUpZRlUbQxcKO_5EzapoUoC5eiCcEIa2L2cxRryp0UyZE9-UPHv-1eyjzyGfpcNwEfgoIv6oi8N0m0XBwONSbgpakBsinQyJoNW8lgKd0bUxyT1zKwAHStxlaNbjUVuv2_7HKthyt8ElL4MN45Wig5sA2LbbFmpFuqN3AQPwrOGDdCLOKPb2aiaPCzWOmeC8hB7dIE8qmZwIueAiXcHdaYtF6Pb6rnew7Lvy_tZp4Druya8e-pp9xpnm1uGbmMqlLtDskVCYUJ3IwTh7DbAyBIZ2t305F2kK7cGqYJSebHig1Zg0XEzVyel524lwt7NQZ8cwNJ0n2aVSWFkx4S60G2Lj5K7bDWMZZT8L0J0VKKoealM9SoNZ5ugdLwVTaPryJ1zXhIj_MTl3eYA_GJ1ybmfhX2LMLq-pFmUeeJDCtxaOxcOr89C2uNi4PQrK10yrMg8BDvyxRQTe5kVqT0oSbWfoh94dujTdke6MCS-mmyCH0D4yICuYILl3NUL8zif1GE9IZkee15iQhdzSP862AOh6xPocNMFcUm1wfkPnN4GQQXpTs-DmVQ4Y3oABqK7UlELdDRPc_-a5gpRV4-PLp0Voz3EmYhjBDnKXMHdBtYBBzd2aPMDrdJ1pSm-joZyMIJzzeyAk81SRePm7fG-wBbfwDjgF078SLQg83jJ0A56B0haXZUpBdHKn7NyW0vpwXAdYMse3ahfCkcU0SZlpJh8uhgNb93w7kwaGPpD3ZcA9wq9aGnJNb9Hbw1i4egCAiVC98j835Qh9k5q26q7R1j_gCfOsyZfJyJCq_1-0z1Zq7nntKuun5OtwNb5R_wp68NwhtwlzxEFqFMZ2QOP5xtO1ExCkoSdNTZKd2m7DL2VJHlm4FpDUDXo5uf8DlGYQgtQne9-GiV2XrOvuRf9_hJpTzifgNWXhbY83t52n4zB6jV2HMLPALz1nhT1TpRs_QhzHnSI8DaniRH2S3yk2MAH9sETEfQ&cid=CAASEuRoZnNEHxPsyAtDHH6oeLhxaQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 18 Jan 2022 09:57:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A688 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De8XvCQ8b5l9wdyelAR59kGt25wg4o7XF3HVCUq2KZBgffsSKW0uaQOH3c8OH0_HsDIDPdvgHI0WFK7xvbIS0aOQMS8pbanXyz6Y5LObem7CqZ5l4ccpwSu-6qk4mPbhA9ypQHEQ76NVDK79Af5KKdsYEqYQ&dbm_d=AKAmf-CtCek3eTisLPE0VsAheFMkWVWnlZW3Ti74j_e_9H1nlsR-ISRJKf6oCmxq7xVIKzHHipywgg25yh4J6bQHaWs693g-wYeTolxsn-Yud9rT4WIbc9zsHzJZEXDV0Zqy_5dDtrmPXuLDgI0M5fTfmndnQFCQBZvSjuD4B8ImN2KEFs_r8dxnjRHT3xNw6fQRJPAiqDRSivghnet7uoJ-hENuQMcIHk0R1rzs6qy4T20fkPYYENYgm2evMZNKmdBrtAScFoag5DuQXeX2bBtnv0_wBYUJ8JX5tbLBTLKeO1WtdMGdBFAfYLD7DTA-sZrTVnlbprqFf35wVYhuxv9awJGJPuFnUP-aO13AI_WQdInUCRG_MhTnl9LBM373QdDFf-D4mJzamQ4Gl3Qu8JuNXyyWxEremzOnIWatMOO9rd7KmgYh7CiHFQpa0Sk4nB-jZLPwQEl5VWt8Jj98vzqoXWywNQLs4vvOmB9e2GdsDeJuAXYMDK4wCxYXsNeQ-x1tqUF2B0UUmPu9ThKwfXqLGYZnZsC9PRJXEt0KQpp185kjk9dRoMglcWxvpj7JSzcmsvE93taaFP-45Wc1V7WW8Gwg9rwmSsMphH3Ra52cS9BGRxI2arvp9kYm7vUJfOiKGxH0VZH55kEzN5nxICi90wS_-Y3gTbtL5jBynz6nH2S1SyQKowJ2rJXBWEvSHd5eyG4TF67c9C3kV9MStZoFhKbNh6tOQImhq77FtiRzh1HG-6zGvnvawT1di5cnHwBIR3W-5_wrg70kSa3WiCQsp8zMrlk9vJPjkvHspo6R6OsjnxTnixj71VHkvAraQ_ZWbCExLFP69vlxLX00XwMviLm0gemUxub3Vz2lVmFl6DZ2fU-vTibsMwjY-hBHINtf4TuEk0LYsUy1XJp0QPxOCp3WehQV40qbvOCLUcOLpogS7d3FuUYSiNYIAneBgghoS5Z120sqbJwg0pVI475Hlzjg_-RwNGEKWutyeZm9uIT_5CRnkolN7hGCU7EcFew_uA_6u4hjWu6GBzZrzekqXB1mbLvfdIDJAG861Ygd1q5-9BpkhkMGBVTDpbSVt9EDfT5IY3upJ7F__PFC0YSQbJYJjUbKyD2v2afUa3tb_rV8Md2KE2JVbr31l9OPwIivbPDxkLKyDGEgttV2LbxCCf3pZdeTdg4G5WQtcoxNcTPpruw88NA7aTOFZWoycmOOmNHCh1gbzaLNRqDb3TNzCziSNibW4-ShBDjbIkkBh-znaM36VcYC_tE25Fgrtd0FWB-MGhCv1zg_Unjtt7hzFsWqR1DbOu9qcuT1CXgZqwcfMgO9Ym9-23wI2TgXw6wnkag7h6UnMNNraTk_I79o6ZLODMfWK9C098JoBh09dZkWwV62jLLg9Fehk1fLIuwDsMwrIY__pWxeZK_vAGZwSqyIh9QF4wqKnRs8QjqBJMFE9s0XLxswNJ7_LAYZoJ5FRVwR3g9NG-v4KmG13b8-d3hbeQMVus1AgXhbD70JLgW4fC4HQjzRB6WT8b3IXYiHYX0ho9f00-r9oA8juQtffJpd6e_LYZJy549sT_8oufqdILLrTuoccDu-YJL4n3cRZnxGMH2PYDEZmg0-DMJDnunfk0PBFu8HYivrIC52lugW9DqtAx8TFh_QUnS7ZKd3m_zumKHtFEPSJoiNqvccJI0VrWP61hYN91It3ohKLbS6ZP1TMI_GPAr_SwMsceZeT-cGojG_MHN_W2cQ8FLJQeh04rzUCEtvCr-0J_lePlkwfR6_bcTx8xQeAhGL8bPVdFvFRMRnsM1ILusRgaj8u0K5OX91OrM0pbKcUaBZy7gnixRlrJhb0_50x1jmdQrd8u9yBWvvlFsOEZVYST8CjqFk19jnvf-oCwzAwrBrPcVL3d_IfSkGbIjfMTz1CJaEV3ieo392FjzlABB-KIcFohLRT4Rb3kieJMY6m9KJT35BUNBRzWP_WBDiF5iu_9sUXEQzU4keFrXkI_mwKMSFBoTK7ushDu5VqxFQdiozCjDdry8d4JniMz7DmMg37_sUmlIFeLJf6yhQbOMdvpPxRZek7VAYJ_YcLIBVdAQRQwV63de2yhVxWYJ1QCtT1upTayePQ5Gl9FgSGLyjEHFr04S6wQcDgNGK8ylFg88cOak6ATK9kmU8RDSmBZ4W2uUJjuokM5xOfJy_Fatjc4tSapUpZRlUbQxcKO_5EzapoUoC5eiCcEIa2L2cxRryp0UyZE9-UPHv-1eyjzyGfpcNwEfgoIv6oi8N0m0XBwONSbgpakBsinQyJoNW8lgKd0bUxyT1zKwAHStxlaNbjUVuv2_7HKthyt8ElL4MN45Wig5sA2LbbFmpFuqN3AQPwrOGDdCLOKPb2aiaPCzWOmeC8hB7dIE8qmZwIueAiXcHdaYtF6Pb6rnew7Lvy_tZp4Druya8e-pp9xpnm1uGbmMqlLtDskVCYUJ3IwTh7DbAyBIZ2t305F2kK7cGqYJSebHig1Zg0XEzVyel524lwt7NQZ8cwNJ0n2aVSWFkx4S60G2Lj5K7bDWMZZT8L0J0VKKoealM9SoNZ5ugdLwVTaPryJ1zXhIj_MTl3eYA_GJ1ybmfhX2LMLq-pFmUeeJDCtxaOxcOr89C2uNi4PQrK10yrMg8BDvyxRQTe5kVqT0oSbWfoh94dujTdke6MCS-mmyCH0D4yICuYILl3NUL8zif1GE9IZkee15iQhdzSP862AOh6xPocNMFcUm1wfkPnN4GQQXpTs-DmVQ4Y3oABqK7UlELdDRPc_-a5gpRV4-PLp0Voz3EmYhjBDnKXMHdBtYBBzd2aPMDrdJ1pSm-joZyMIJzzeyAk81SRePm7fG-wBbfwDjgF078SLQg83jJ0A56B0haXZUpBdHKn7NyW0vpwXAdYMse3ahfCkcU0SZlpJh8uhgNb93w7kwaGPpD3ZcA9wq9aGnJNb9Hbw1i4egCAiVC98j835Qh9k5q26q7R1j_gCfOsyZfJyJCq_1-0z1Zq7nntKuun5OtwNb5R_wp68NwhtwlzxEFqFMZ2QOP5xtO1ExCkoSdNTZKd2m7DL2VJHlm4FpDUDXo5uf8DlGYQgtQne9-GiV2XrOvuRf9_hJpTzifgNWXhbY83t52n4zB6jV2HMLPALz1nhT1TpRs_QhzHnSI8DaniRH2S3yk2MAH9sETEfQ&cid=CAASEuRoZnNEHxPsyAtDHH6oeLhxaQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Jan 2023 14:31:38 GMT
6990494999750546421
s0.2mdn.net/simgad/ Frame A688 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6990494999750546421
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
beac31356467096ae60ed5f7ef8233c223dd5d3ae34291e873f9ee16c6b476ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 01:08:50 GMT
x-content-type-options
nosniff
age
290908
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91681
x-xss-protection
0
last-modified
Fri, 10 Dec 2021 13:38:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 15 Jan 2023 01:08:50 GMT
4.js
static.adsafeprotected.com/ Frame 4E33
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/913323/59535428/4.js?adContainerId=brand_safety__Y7mYYDyHd2ux_AP6M22-AE&cbFunctionName=goog_wrapCb__Y7mYYDyHd2ux_AP6M22-AE&true_pb=&adsafe_pb=https%3A%2F%2Fsta...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety__Y7mYYDyHd2ux_AP6M22-AE&cbFunctionName=goog_wrapCb__Y7mYYDyHd2ux_AP6M22-AE&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety__Y7mYYDyHd2ux_AP6M22-AE&cbFunctionName=goog_wrapCb__Y7mYYDyHd2ux_AP6M22-AE&true_pb=
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:224a:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 23:15:59 GMT
content-encoding
gzip
age
556880
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 11 Jan 2022 23:15:55 GMT
server
AmazonS3
etag
W/"96e16e7453ae2e6952bc6d2a20ea29f7"
vary
Accept-Encoding
x-amz-version-id
S0MalrBMHS9xoNN_K2x9NLd99O_UF8Q.
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
kuY9EWd-q19RZbD8dwHUm1Vo0OUpOlrQrp-z2TifKSnY2EQQnip3XA==

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety__Y7mYYDyHd2ux_AP6M22-AE&cbFunctionName=goog_wrapCb__Y7mYYDyHd2ux_AP6M22-AE&true_pb=
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 77D5 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 10:01:19 GMT
content-encoding
gzip
age
4751760
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
WQpYiNG_6xppQ-xWRNBjgVryWLN8Ru-dgQXKhnS4v2xcQbkmapNqsg==
creative.html
s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/ Frame 3298 		1 KB
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ade31d429c070a04f15347f118e3cd02cc3d21c909d05a5d3271052a6680edb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
445
date
Tue, 18 Jan 2022 09:57:18 GMT
expires
Wed, 19 Jan 2022 09:57:18 GMT
cache-control
public, max-age=86400
last-modified
Mon, 16 Aug 2021 10:10:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 8458 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-cu_3XhVmhK4vscuzWxKam63Ddkw7rBc6bmjtXdG7keLLMzg5Kruhhitb80HojwrtTEdRF0XSJidAgzR1WtcNy3nZA7tn2tSJnriaJDD66-AitdsrUKc5cP1x55HsI0ZCJPlzGlAULX7PxAOd3JaB9LyDpRxjDfCHbQbnNCzAqeDSHtB2Mr1UQOAkpEQLoPvhdVHehDmOR30DPjG_2an6cYe4lIT3_bY5fWsHhNCJgwnYhr7NMXrJqXPqavA2q86egjayjP7ZiFOeiv5RQYZLnXE290HvHkHOS9hEd5fSQ6V8f63YqydOfVEEeJWErLUyUwR46Z74ICXcHVadPTtKyVM7yTtLYJkE7L7tvDQOHCL94rt1RzzWm7-yeTSgGtQOvqonEnClX6uvIEmXsaNIZhqg4FOUxn11VPx5hRyHfYHsne5pPY0ppocYcIpuUymPtva8BFBVm8ydA-tPbVABwkgDHQyQnxAzc1mpMgpd7t23NmOFTeaImbpr9DZ7BSW3JZCgs7b_EbAIsiNW1xtxcp_sDkxUwiIjRCvqkamQt_-sG92yShLS6kqsTucVodIcI9mI4cd4jPT2lw1GuQVpvJmOa6p3eHOKYqFWudo2z2kkgUVXmDu9t_HObEpUNcJYya5-VQN_h4IwQyj78DXREujJYRGuMV18ND_TptSb8v3MOTynrSeKNiZ0ZPo4IUg_PobtiYz1KqcHNcU9Pk-wqVSX1Pv8N7XOdDNvlA5FAynNB-xgy1qYBpQ_LDydJd6bl55V8YP9whlNhZMLtjaTnF9noWtR2DHjO1C63gxBBeBo4FSxuQqLZhfD1xWLBwoT-b_3mUt9cQ8-tLsX3sEdo5wkiNbZrztSH1d8z33FEo913lirhilloDBcB4CWII4SBf2NXlChh3uyeU5czGzh7iIn_BfZSDVkhkxWVUBoFh_xfxk7XUbQeQbZT4U-QWt8IRpXZ5YsVuoBpAPee_qXO7uI92Coxv0Zh-I0GFHe915poIWfNdL4Y_dE4Zoi7rzTjyTnrKZXKE9E9sPeglGA9PBBEEqND1ZARDTZtWzhxyROnN0lcPOFenVy4KRUWwS3u5VO5ja3iqW1ECkxq4uCFmMoKTi7Qodz6EjbQpw4Ka-PR_Kx08ahpK1J0Usz0M71bdir4myILiD3shrHXDqqcqeIoZ2QbUBxC3gcMehfMd6Uhi1Fu-_wx1r7HtdzsCUlmujlNaeqYhI3OX6Nzim0GyPm3Xif9oHPOXtkhkNUnpwtKf0Pk0oTYw0exYHGNyB0whTVFFR7LKx0rXAH8ytrj9qP08vYz2qM8VpzP28&sai=AMfl-YRAhXlJtlx63_CVuMKv8QMkWBWwCD-7Z4wUTpeArYwCvX26VZedtNsUW2BjitTcF2A6Nn_pfxGUf6ZuzBKB-aA2QI0RjHFhD4_m2gpQawNKsokidkU5hdjY3lOvhGSrNt4Rvf3SBiclq7o9nOPisIHLY78FFg&sig=Cg0ArKJSzDlQP8L8-KRQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=510&cbvp=1&cstd=505&cisv=r20220112.01781&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 18 Jan 2022 09:57:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
ups.analytics.yahoo.com/ups/55946/ Frame FE51
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEPgzBwayeRWdFNMSygRVCy0&_origin=1&google_cver=1
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEPgzBwayeRWdFNMSygRVCy0&_origin=1&google_cver=1&apid=UP05ab1ff6-7845-11ec-9b4c-0648c8367d06
0
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEPgzBwayeRWdFNMSygRVCy0&_origin=1&google_cver=1&apid=UP05ab1ff6-7845-11ec-9b4c-0648c8367d06
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLz84QEQkMPrARjtjMG9ATAB&v=APEucNXCHf1eejfV0EcvwSNzfD2YILePzjcxA6POwAfqDm8hf-S50lyi3HTcnQIrDYid_giHxFz7WMeCOQcsHyMcSjJpQIY2uyuJrktYtJgFYs69CqzGETbOMjMb3zM_uTShjL1WE9WxglU1kCeH56sZjQa-liMasWGhKRLkea8CuWfSxffsFt8
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEPgzBwayeRWdFNMSygRVCy0&_origin=1&google_cver=1&apid=UP05ab1ff6-7845-11ec-9b4c-0648c8367d06
date
Tue, 18 Jan 2022 09:57:18 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame FE51
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP05ab1ff6-7845-11ec-9b4c-0648c8367d06
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwNWFiMWZmNi03ODQ1LTExZWMtOWI0Yy0wNjQ4YzgzNjdkMDY%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwNWFiMWZmNi03ODQ1LTExZWMtOWI0Yy0wNjQ4YzgzNjdkMDY%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLz84QEQkMPrARjtjMG9ATAB&v=APEucNXCHf1eejfV0EcvwSNzfD2YILePzjcxA6POwAfqDm8hf-S50lyi3HTcnQIrDYid_giHxFz7WMeCOQcsHyMcSjJpQIY2uyuJrktYtJgFYs69CqzGETbOMjMb3zM_uTShjL1WE9WxglU1kCeH56sZjQa-liMasWGhKRLkea8CuWfSxffsFt8
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwNWFiMWZmNi03ODQ1LTExZWMtOWI0Yy0wNjQ4YzgzNjdkMDY%3D
date
Tue, 18 Jan 2022 09:57:18 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame FE51
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1CSlg4dUlWRTJ1R0ZGXzVzeTY5dm1QTUx2ZlcyaC5LZn5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1CSlg4dUlWRTJ1R0ZGXzVzeTY5dm1QTUx2ZlcyaC5LZn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLz84QEQkMPrARjtjMG9ATAB&v=APEucNXCHf1eejfV0EcvwSNzfD2YILePzjcxA6POwAfqDm8hf-S50lyi3HTcnQIrDYid_giHxFz7WMeCOQcsHyMcSjJpQIY2uyuJrktYtJgFYs69CqzGETbOMjMb3zM_uTShjL1WE9WxglU1kCeH56sZjQa-liMasWGhKRLkea8CuWfSxffsFt8
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1CSlg4dUlWRTJ1R0ZGXzVzeTY5dm1QTUx2ZlcyaC5LZn5B
date
Tue, 18 Jan 2022 09:57:18 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 53C6 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9903731/1639473459339/300x600/300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/9903731/1639473459339/300x600/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 09:57:18 GMT
300x600.js
s0.2mdn.net/9903731/1639473459339/300x600/ Frame 53C6 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9903731/1639473459339/300x600/300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9903731/1639473459339/300x600/300x600.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c094dd25178dde30b030e1f7a97ea5fc23bbdcdacd2dca77b40118e2ca068c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/9903731/1639473459339/300x600/300x600.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 15:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13717
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 09:17:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 15:35:04 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0D51 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8247523/1641901381889/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/8247523/1641901381889/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 09:57:18 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0D51 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8247523/1641901381889/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/8247523/1641901381889/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 09:57:18 GMT
index.js
s0.2mdn.net/8247523/1641901381889/ Frame 0D51 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8247523/1641901381889/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8247523/1641901381889/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12afc405919393c03a74d8df97652f158b92bad448cb9717b6c308342c2e2505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/8247523/1641901381889/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 18:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54402
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13434
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 11:43:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 18:50:36 GMT
dt
dt.adsafeprotected.com/ Frame 4E33 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=913323&asId=ed04b975-1387-be09-c711-eea4dfa77ae9&tv=%7Bc:1DPjvd,pingTime:-3,time:191,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:41,h:40,t:32%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:191,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.41.40,am:sp,cc:0.14.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B182~0%5D,as:%5B182~41.40%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sURrWeg+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1f1%7C1g1%7C1h11%7C1i11%7C1j1%7C1k*.913323-59535428%7C1k1%7C1l%7C1m,idMap:1k*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 4E33 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=913323&asId=ed04b975-1387-be09-c711-eea4dfa77ae9&tv=%7Bc:1DPjvg,pingTime:-6,time:194,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:194,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.41.40,am:sp,cc:0.14.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B185~0%5D,as:%5B185~41.40%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sURrWeg+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1f1%7C1g1%7C1h11%7C1i11%7C1j1%7C1k*.913323-59535428%7C1k1%7C1l%7C1m,idMap:1k*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:www.farfeshplus.online*&br=c
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3B5E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 14:31:40 GMT
expires
Tue, 17 Jan 2023 14:31:40 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
69938
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enabler_01_247.js
s0.2mdn.net/879366/ Frame B183 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 20:53:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 20:53:20 GMT
preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B183 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16579
x-xss-protection
0
last-modified
Mon, 12 Feb 2018 18:09:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 09:57:18 GMT
tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B183 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38407
x-xss-protection
0
last-modified
Wed, 04 Oct 2017 18:33:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 09:57:18 GMT
it_IT_polite.js
s0.2mdn.net/creatives/assets/2377528/ Frame B183 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2377528/it_IT_polite.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5efb10b5be7a1a6dc3aed09b2816f3f3435dcda3b7d2d7a02f300c8a22b82a7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:53:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28036
x-xss-protection
0
last-modified
Fri, 03 Dec 2021 14:37:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 10:08:48 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DF2A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 14:31:40 GMT
expires
Tue, 17 Jan 2023 14:31:40 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
69938
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DISP_160x600_ACQ_na_AQ_Multicard_2021.html
s0.2mdn.net/9080513/1640100692999/ Frame 95B6 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52e43c691df209e7f701f4ea6437b2c373a6467726efed99791eb4ef5187af7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2341
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 08:07:18 GMT
expires
Wed, 19 Jan 2022 08:07:18 GMT
cache-control
public, max-age=86400
age
6600
last-modified
Tue, 21 Dec 2021 15:31:33 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 4E33 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3NJ_pChQA3fkb2Qr_8cgKcDNGiBYoYTjeKkH-Nu8W8VvnfE1uIa1Xdn_DzWcTZFo9dgbhl7wBY5enVt5HhxWZHpFkPMnufqCKc7tZeC8M5lA_-72tZEWgw5Kl3hbQrCnxT7AUc8BgtMHoMd8CSdSrlySW3jq8JBxXoSSr11UugRUmkDEhrPqpQ4DqDTOkq6Y5mETNDrPO44XXf0VDIQrx4unsG7e4FsTJqnqXjxOeV_pnyInW2gADIFHdqYp1fM2NyRgk5dMAhyw_q7QmCyO3pB53rIb6Ka9u6wQjyDjvT0JepcVrVUleF0P7VZx9e33tZpSl47suTI0ydpZ3O3i4Se4IrS44Bf1DgsQ4ZKzYbrdlhOOcSSen75p23VMDEhmqGlIxePvHCsjmtBY1jLZK0KmxxJo-syfXl23jKtRfaBDy_p_qt8a95zo3JXMvrRT0T_nGsP_b4-sxXmyAtGQnz6nRZET9MgYiDE2VPr38XTCmnw-KjTOJZFn5tXn5ohR_o6Bso9LASKmOmPz_4NnJxS6azAtq3t-FiSUO2Oh0Lsy5VRVFrFrmg3OEaEgrvXEA3j9xltn5_4_veOUjc-nehuvUbneNbUOVooiWRNvRjQj4nqKtNpPhArlZ94vbcusnnGymVXWBxyuxrLbt8O_pPVU2bzPc49BbkHN1W0ej1rFuLMpvC2QZ0tf4ZQzarnnVpzx4dAjhvkN-b0VPQ8rwAID-nMk5jn6Y8_T2IoP5PQqjWWpZmABKGrCFDcZt1I-Hz883G0FKw2CqgzUlVyC9XPuZ8dG7Nt4krq8q9NS3ywN2mBRVevOGXLMAj9SRVVdFnAw4i4C4eWJt8aehprRqbTQAj6VFIuJKxJxPo-wbx2VWU6EnMMWRpitYDf3zo6ANC4tCCE42eyoBhryVwvppkSPPtxVM9NB-xL4tWEWAu2JZMbNKBKIlTVz4Tmf0wCMDMp4VacrONmpDH6zNSaxeafSHm-FzDvCF4iHSlr_dLgvA6RqZB87RNchLeHh8obwO-9_a0T8rYzFb-kweTNtTPDDcQDptYjtMYqs_q2pcDLHdjFHg4jC5JDkKlINW4p-vZR2SqbiwSqTHHB9K1I86j-xHO7pcw3wW94UXRbVrW28ohM79IYYqrwau3mRgSCABQes2749EMsiOT6TZ8jxvU4Kw98jwwb7o4GkmOj0-e5lks-GDVYVDxKiNTringoPhlMDo6VrsSMyJoimYinAaSET96ZV6Y1Z01se-rdQuc6IeUWTBP-MZiSFXTsRCA9k2AsbS-yrOGsBslaTby0rd4-pUekUKZadGCPmhxv3n0FKQViqBkQ&sai=AMfl-YTaHV1uiOvulDzqXpYuJiMU-B4rwQcHX84ircdxwT5n3TPB1Ny7nCCBQECGAR5j-hDPbRpJ_rfY7qy19m_YCGrtPHhb7cIIuZ-jpK9eUbkQDHx4kiIZEci3bT04StV4P1w6MVEdndvzqWGlcPS8CQjKGl5RAA&sig=Cg0ArKJSzBWWJjNfW7LBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=645&cbvp=1&cstd=644&cisv=r20220112.16844&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 18 Jan 2022 09:57:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame DBD9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4556 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 17 Jan 2022 13:26:12 GMT
expires
Tue, 18 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
73866
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A688 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eda74f2a09e6a4c00d46c091ccf74ffcb7edea989be21f1216602941bceccfb4

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
skeleton.js
static.adsafeprotected.com/ Frame 0C38
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/919015/59742583/skeleton.js?ias_dspID=3&ias_campId=23268776&ias_pubId=pub-6266313190087173&ias_chanId=1&ias_placementId=14569750229&bidurl=https://www.farfeshp...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H2
Server
2600:9000:224a:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 08:35:57 GMT
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
age
16852882
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
9RnJKnaM_D0nAle379jz9yaBX9kDovwxIfDquX4p1VtHGbWzf48yCg==

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 2B59 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 10:01:19 GMT
content-encoding
gzip
age
4751760
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
2tjoopQtVDRVlf-m5uAutUiyE9HlyHJXIbVrm0lFzHiANfQKrexzRw==
dt
dt.adsafeprotected.com/ Frame 4E33 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=913323&asId=ed04b975-1387-be09-c711-eea4dfa77ae9&tv=%7Bc:1DPjxE,pingTime:-2,time:342,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:694,mdZ:794,beA:1105,beZ:1107,mfA:1109,cmA:1111,inA:1111,inZ:1117,prA:1117,prZ:1131,si:1138,poA:1140,poZ:1167,cmZ:1167,mfZ:1167,loA:1298,loZ:1302,ltA:1447,ltZ:1447%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:41,h:40,t:32%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:342,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.41.40,am:sp,cc:0.14.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B333~0%5D,as:%5B333~41.40%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sURrWeg+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1f1%7C1g1%7C1h11%7C1i11%7C1j1%7C1k*.913323-59535428%7C1k1%7C1l%7C1m,idMap:1k*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:307,readyFired:false%7D&br=c
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5E7F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 14:31:40 GMT
expires
Tue, 17 Jan 2023 14:31:40 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
69938
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
track.adform.net/adfserve/ Frame 5F35 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=44454688;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CKMev_I7mYejfM7aS7_UP0pC00AGmuaK3Z7aZv_CpDfAuEAEglZvKIWD9gpGE6BGgAZnb4eACyAEJqQJVRqiZDyGzPqgDAaoEnQJP0ImlpyQOVXq8LHOmsnql3y-KCBFj3VGI_cGbPD7-9CLRMtzwKKeHjOs8mGSSJTiiTFNqm7HJXUU43Z3uhb7y3f944Nv38Q-AYeeztQ9jhjwvf6tTvddpwdvCC9xl-CcqYCS-L5fsfXFfuq5sdCvx76GS3dPd50rK3xUwWfbeANtcaQ_ftkZ9TZV-_s_YujG2LcbHQx9lkXcp5Fi9Xdq6q_omImJivMKybiT2KwCJUaqRVqxObr90o7YF3VRWtTrP0HDdZOwBA6SBT4DTRRpRtYIDQDhr90HE8fyz1MKcB_BNT58BsDE0kUBUGYCUnngdNgREuX4nuzpOUzG4oew6UiVDlGWFfyD__BqpE4GWrQpAFX2OSMEzrFwzkA7ABKeMgcHEA-AEA5AGAaAGTYAHz6SenwGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU2MjAwNzA5OTAwNTcyODCACgOYCwHICwGADAGwE7ve-g3QEwDYEwPYFAHQFQGAFwE&ae=1&num=1&cid=CAASEuRoK5y8vqmBhiyh8dLAoQo3oQ&sig=AOD64_1ULGzkaA4dVj6IXinBfTIT7IIVbQ&client=ca-pub-3831894559014614&dbm_c=AKAmf-CHq3cBUU490OCNjvEnutiXubLG3ysIHp99HQMIsl1JRo-DrDsj_QcoPKFR-qNbH3OTUaJ66wZZn6L-KCxOcRxJJynOkCFthtoLvI7bvmPEyPWhMikgzMCh3_Sfne2gBEKH5POcUKz3oFAWKdzXGyoI9VRKAw&cry=1&dbm_d=AKAmf-CkIeplFgm1pkGouS8hEoLbx5nyvKl3q61i3t9pDkLYJO8YkUarhpdurFK0InREN541xMyzD2qrg8MsyWxOAvmKyr15Dh2kMTppmtVCQ_m8kA-Am2reUnlgmcW0ohTRDlWaaMU5u5Krq8jGf4cF3AutlLZTieefh2dOBz021VUtdaNQhb3Q3FkA0C3Lql_mK2i6WQBe0DNdUYzm1fhzY0RfXHCRwq-Tw5KJL34hGW6xxFO6TWxtkLE50jdSO4J7gRJoWwopBmwlpHXl2_Z7MrgLvsykpZeRpgTVpXksLD-Ir6WXOYUGUPFs2YWBVrX2ddjD6bmbZChhznGU2ezltj8VMyTSg90lk41RDRV9IaMqtb5gWCObkfxWDPLC3wcajycAKzocC0Wj_Ti4IcSuA-_7sadgDo3x6NS2Xb7twI8nDpo4SvzZU1oOONHIzvCX9qNKbWue1jNGzgjKdGPmtUc6ER9Fpg&adurl=;js=1;adfxid=1x;133;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.farfeshplus.online
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
077a211d557875f05e0feee60851c43982d77859e8fb536744544f21c39a8b3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3583
expires
-1
si
googleads.g.doubleclick.net/pagead/drt/ Frame 26E8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 Jan 2022 09:57:18 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:18 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 Jan 2022 09:57:18 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame E9D1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 Jan 2022 09:57:18 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 18 Jan 2022 09:57:18 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 Jan 2022 09:57:18 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame FD7F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8458 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Jan 2023 14:31:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 77AB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 17 Jan 2022 13:26:12 GMT
expires
Tue, 18 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
73866
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8458 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4215971a33e7d7983cc8897a90a8cfa353fd54b9b71232957224ac1ae3253e4f

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4E33 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Jan 2023 14:31:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4D2D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 17 Jan 2022 13:26:12 GMT
expires
Tue, 18 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
73866
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4E33 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b5c74784e6184c900073e30be3e3b9bf7181be1b584e6940c4a02cff3fc356e

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame A688 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssY3dkrgqaFne1cd7yLd2mteU6edlvaINFU7o64lBqmW09rFSnQ0mySo83oj5DF4oeTNiik5M9trdGkSI1a4Z8gfWVzwQOZP1uMNHyyXkizOpDHkDo4tnfPxYOooxxrojnEhdKCC4ShNqoAcsnSMfG9d9FuBvE8B6YScqnYSQ-ieuKOKO-kfpV6luUeEgxzOVUQcWcT5yW-n6ZyMGV3SCAyjw5a_zsikr541qq3y5fGgyKE95Dop4QgTZx3RXn_zIx3LHBPk-Qvvj-cKxLk3wk2vZYFt_47Nzlh8ei9n-AYhYv2ZONF0l8u88JB5fKMGT962hs_xdMFCMMQn0IQuN_SV5zBPPdoLWT6NU1WNG_PqiUBeaBC28wvNs4CX_hdMVwU7loZKJUYy2ue5f1vNuotk02WFX1RSrnSGVDj5KXemBB70OTrsmEtKKMhlpjEinTSiMe-HwvCulrDHy-TFT9JkwhGrXOgps7cAOzpPS3Dlg33auEqOX1ZhvxFdLV1utwHgIeuFI7deKPcB7kRZzbhbNeK-DoVWYufOUkbOecrh9CviYf_F1qyM0fP7wq9rajXFuQLeGiH0wSg3aojJ6X47kQqGhVCMdWtr9W7pb3pLghhPatqeNghvicsxZ-mmRP_REv3ia6b2UBB6htJ2SH4rzYGccJofn-36_TyR82m5qy16OQorji0vRddvZK4sbcixHsGndytzy7r-aLyEATIT4VGRE8XEBKQGSkybS9mt8zPjb5pPg0viOy1v8kIDSWxsdhhnzTtRKfvrknxBlltIEJM2mG0kagdMduUPL8K1g2mPfrHplAXRSUd0im-iiyZXeBeO0-D9nlp17ddxICVPoL8KzU3M8_kvRohKKRSW-_3AjD1jtwlq5PdB22oM_W2g_wWxJ9vdUvNE1BO65aQtuv6CoD1uBVOMe_JdZ-j8FLBuX57ILLd20CS6_aHoJcAVy2aqRqaa9UyznVLDCm2eck1nLYXhzTcgL2Z-1DzFz3coprNvSoPq7JVAF_lssfRShMXHtu8aX3WoYhzMNvSA_x6b7QxqKUzBs-nLu8aPT5zS0dyX4dcJDg3Il3K0FYbCGLkx2HLi3xxyD5z5d4_e0c0G5ZtWeOVVCN-14KK_60Q1Aaoacogulqu_5OgwlLAeq-vU2wnbRjzJo51DZCLoRPESzQGptLExiTblpNSCPyk1pcHvAyYbcnkZSemGczpzu8rrHjdeKw3sKVMPx5DO3Yb_GMmC7QtKmADf2yCAeo2Q6rhdBTjSgrR7PMAdgy_PbE6wW1Umw&sai=AMfl-YR_dhvcb6jR2OpBWOU2J_uDxMuAzKDK-FbdPetIqHbW96JY7Lki-DfJsypbt81XI6tkL7syLND9Akv65yWfp-Ely_0RviP-7w061nGD4zJlUW_mBiFDvdviymFtK9rmxKm9mZcInwtGi1PHRHn9q4jHiurf_oc-XhytV5xcaNkt3Fw9esraRw&sig=Cg0ArKJSzGrlg29sJeyOEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=497&vt=11&dtpt=496&dett=2&cstd=0&cisv=r20220112.55649&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-De8XvCQ8b5l9wdyelAR59kGt25wg4o7XF3HVCUq2KZBgffsSKW0uaQOH3c8OH0_HsDIDPdvgHI0WFK7xvbIS0aOQMS8pbanXyz6Y5LObem7CqZ5l4ccpwSu-6qk4mPbhA9ypQHEQ76NVDK79Af5KKdsYEqYQ&dbm_d=AKAmf-CtCek3eTisLPE0VsAheFMkWVWnlZW3Ti74j_e_9H1nlsR-ISRJKf6oCmxq7xVIKzHHipywgg25yh4J6bQHaWs693g-wYeTolxsn-Yud9rT4WIbc9zsHzJZEXDV0Zqy_5dDtrmPXuLDgI0M5fTfmndnQFCQBZvSjuD4B8ImN2KEFs_r8dxnjRHT3xNw6fQRJPAiqDRSivghnet7uoJ-hENuQMcIHk0R1rzs6qy4T20fkPYYENYgm2evMZNKmdBrtAScFoag5DuQXeX2bBtnv0_wBYUJ8JX5tbLBTLKeO1WtdMGdBFAfYLD7DTA-sZrTVnlbprqFf35wVYhuxv9awJGJPuFnUP-aO13AI_WQdInUCRG_MhTnl9LBM373QdDFf-D4mJzamQ4Gl3Qu8JuNXyyWxEremzOnIWatMOO9rd7KmgYh7CiHFQpa0Sk4nB-jZLPwQEl5VWt8Jj98vzqoXWywNQLs4vvOmB9e2GdsDeJuAXYMDK4wCxYXsNeQ-x1tqUF2B0UUmPu9ThKwfXqLGYZnZsC9PRJXEt0KQpp185kjk9dRoMglcWxvpj7JSzcmsvE93taaFP-45Wc1V7WW8Gwg9rwmSsMphH3Ra52cS9BGRxI2arvp9kYm7vUJfOiKGxH0VZH55kEzN5nxICi90wS_-Y3gTbtL5jBynz6nH2S1SyQKowJ2rJXBWEvSHd5eyG4TF67c9C3kV9MStZoFhKbNh6tOQImhq77FtiRzh1HG-6zGvnvawT1di5cnHwBIR3W-5_wrg70kSa3WiCQsp8zMrlk9vJPjkvHspo6R6OsjnxTnixj71VHkvAraQ_ZWbCExLFP69vlxLX00XwMviLm0gemUxub3Vz2lVmFl6DZ2fU-vTibsMwjY-hBHINtf4TuEk0LYsUy1XJp0QPxOCp3WehQV40qbvOCLUcOLpogS7d3FuUYSiNYIAneBgghoS5Z120sqbJwg0pVI475Hlzjg_-RwNGEKWutyeZm9uIT_5CRnkolN7hGCU7EcFew_uA_6u4hjWu6GBzZrzekqXB1mbLvfdIDJAG861Ygd1q5-9BpkhkMGBVTDpbSVt9EDfT5IY3upJ7F__PFC0YSQbJYJjUbKyD2v2afUa3tb_rV8Md2KE2JVbr31l9OPwIivbPDxkLKyDGEgttV2LbxCCf3pZdeTdg4G5WQtcoxNcTPpruw88NA7aTOFZWoycmOOmNHCh1gbzaLNRqDb3TNzCziSNibW4-ShBDjbIkkBh-znaM36VcYC_tE25Fgrtd0FWB-MGhCv1zg_Unjtt7hzFsWqR1DbOu9qcuT1CXgZqwcfMgO9Ym9-23wI2TgXw6wnkag7h6UnMNNraTk_I79o6ZLODMfWK9C098JoBh09dZkWwV62jLLg9Fehk1fLIuwDsMwrIY__pWxeZK_vAGZwSqyIh9QF4wqKnRs8QjqBJMFE9s0XLxswNJ7_LAYZoJ5FRVwR3g9NG-v4KmG13b8-d3hbeQMVus1AgXhbD70JLgW4fC4HQjzRB6WT8b3IXYiHYX0ho9f00-r9oA8juQtffJpd6e_LYZJy549sT_8oufqdILLrTuoccDu-YJL4n3cRZnxGMH2PYDEZmg0-DMJDnunfk0PBFu8HYivrIC52lugW9DqtAx8TFh_QUnS7ZKd3m_zumKHtFEPSJoiNqvccJI0VrWP61hYN91It3ohKLbS6ZP1TMI_GPAr_SwMsceZeT-cGojG_MHN_W2cQ8FLJQeh04rzUCEtvCr-0J_lePlkwfR6_bcTx8xQeAhGL8bPVdFvFRMRnsM1ILusRgaj8u0K5OX91OrM0pbKcUaBZy7gnixRlrJhb0_50x1jmdQrd8u9yBWvvlFsOEZVYST8CjqFk19jnvf-oCwzAwrBrPcVL3d_IfSkGbIjfMTz1CJaEV3ieo392FjzlABB-KIcFohLRT4Rb3kieJMY6m9KJT35BUNBRzWP_WBDiF5iu_9sUXEQzU4keFrXkI_mwKMSFBoTK7ushDu5VqxFQdiozCjDdry8d4JniMz7DmMg37_sUmlIFeLJf6yhQbOMdvpPxRZek7VAYJ_YcLIBVdAQRQwV63de2yhVxWYJ1QCtT1upTayePQ5Gl9FgSGLyjEHFr04S6wQcDgNGK8ylFg88cOak6ATK9kmU8RDSmBZ4W2uUJjuokM5xOfJy_Fatjc4tSapUpZRlUbQxcKO_5EzapoUoC5eiCcEIa2L2cxRryp0UyZE9-UPHv-1eyjzyGfpcNwEfgoIv6oi8N0m0XBwONSbgpakBsinQyJoNW8lgKd0bUxyT1zKwAHStxlaNbjUVuv2_7HKthyt8ElL4MN45Wig5sA2LbbFmpFuqN3AQPwrOGDdCLOKPb2aiaPCzWOmeC8hB7dIE8qmZwIueAiXcHdaYtF6Pb6rnew7Lvy_tZp4Druya8e-pp9xpnm1uGbmMqlLtDskVCYUJ3IwTh7DbAyBIZ2t305F2kK7cGqYJSebHig1Zg0XEzVyel524lwt7NQZ8cwNJ0n2aVSWFkx4S60G2Lj5K7bDWMZZT8L0J0VKKoealM9SoNZ5ugdLwVTaPryJ1zXhIj_MTl3eYA_GJ1ybmfhX2LMLq-pFmUeeJDCtxaOxcOr89C2uNi4PQrK10yrMg8BDvyxRQTe5kVqT0oSbWfoh94dujTdke6MCS-mmyCH0D4yICuYILl3NUL8zif1GE9IZkee15iQhdzSP862AOh6xPocNMFcUm1wfkPnN4GQQXpTs-DmVQ4Y3oABqK7UlELdDRPc_-a5gpRV4-PLp0Voz3EmYhjBDnKXMHdBtYBBzd2aPMDrdJ1pSm-joZyMIJzzeyAk81SRePm7fG-wBbfwDjgF078SLQg83jJ0A56B0haXZUpBdHKn7NyW0vpwXAdYMse3ahfCkcU0SZlpJh8uhgNb93w7kwaGPpD3ZcA9wq9aGnJNb9Hbw1i4egCAiVC98j835Qh9k5q26q7R1j_gCfOsyZfJyJCq_1-0z1Zq7nntKuun5OtwNb5R_wp68NwhtwlzxEFqFMZ2QOP5xtO1ExCkoSdNTZKd2m7DL2VJHlm4FpDUDXo5uf8DlGYQgtQne9-GiV2XrOvuRf9_hJpTzifgNWXhbY83t52n4zB6jV2HMLPALz1nhT1TpRs_QhzHnSI8DaniRH2S3yk2MAH9sETEfQ&cid=CAASEuRoZnNEHxPsyAtDHH6oeLhxaQ&rfl=2%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame 0C38 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=919015&asId=eaba1760-563e-c9d1-4df5-9123dc4ce96a&tv=%7Bc:1DPjAj,pingTime:-3,time:882,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:674%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:882,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:674,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B233~0%5D,as:%5B233~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sURrW8d+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b*.919015-59742583%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1e12%7C1f11%7C1g1%7C1h11%7C1i11%7C1i12%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1l%7C1m,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 0C38 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=919015&asId=eaba1760-563e-c9d1-4df5-9123dc4ce96a&tv=%7Bc:1DPjAk,pingTime:-6,time:883,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:883,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:674,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B234~0%5D,as:%5B234~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sURrW8d+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b*.919015-59742583%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1e12%7C1f11%7C1g1%7C1h11%7C1i11%7C1i12%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1l%7C1m,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:www.farfeshplus.online*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
truncated
/ Frame 33A4 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47f49c78eb66400d67991eae5c4487d4e65779cf9ccd04c0d12776773ca33f06

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame A077 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
initial.css
s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/css/ Frame 3298 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/css/initial.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9961ff8ce61a82e625d8237184b98fed1f2717647e567fab38ea32a49cf42f6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 11:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1029
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 10:10:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 11:18:56 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame 3298 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:32:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 09:32:16 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame 3298 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 14:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jan 2023 14:10:08 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ Frame 3298 		233 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 17:51:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63865
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jan 2023 17:51:28 GMT
initial.js
s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/ Frame 3298 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/initial.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a87a1c72b2e889b01c62c7093236a5996d011ffef5a5db018a7e4ee78f04cf9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 06:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13993
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3020
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 10:10:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 06:04:05 GMT
logo.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/images/ Frame 3298 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/images/logo.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 06:00:53 GMT
x-content-type-options
nosniff
age
14186
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2754
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 10:10:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 06:00:53 GMT
spinner.gif
s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/images/ Frame 3298 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/images/spinner.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 06:15:30 GMT
x-content-type-options
nosniff
age
13309
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6841
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 10:10:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 06:15:30 GMT
dpixel
cms.quantserve.com/ Frame 0C51 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFJwGNYq7aWpLwt7qLNu36M&google_cver=1&google_push=AYg5qPIhIn6AYlzadedt9g6hD7xgSE1YrXyzZz6QU9thh0A_QhMoqWswHXySdf4zsKUlsYiVwhcCmfbc4HGDzE0lb__1VC-E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0C51
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJPwDpQ5QjfrXh-4n6Zh43X3TXBW__yWD0f6GG...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWVhTy13QUFBRDlqZEEtZw&google_push=AYg5qPJPwDpQ5QjfrXh-4n6Zh43X3TXBW__yWD0f6GGFRWZaM5qJSGVLt0rENCgWorhkqBM_yAIJ-yDzQARxzIR44Ml-iOfAtQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWVhTy13QUFBRDlqZEEtZw&google_push=AYg5qPJPwDpQ5QjfrXh-4n6Zh43X3TXBW__yWD0f6GGFRWZaM5qJSGVLt0rENCgWorhkqBM_yAIJ-yDzQARxzIR44Ml-iOfAtQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWVhTy13QUFBRDlqZEEtZw&google_push=AYg5qPJPwDpQ5QjfrXh-4n6Zh43X3TXBW__yWD0f6GGFRWZaM5qJSGVLt0rENCgWorhkqBM_yAIJ-yDzQARxzIR44Ml-iOfAtQ
Date
Tue, 18 Jan 2022 09:57:19 GMT
Server
Apache
Connection
keep-alive
Content-Length
389
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 0C51
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEMhLE4GC8O0Fn3h93KUd6CA&google_cver=1&google_push=AYg5qPIR0ffK0_EAUZEBlIXWJYUxKnoF7nrC0eaztXpLJxVJoHLMtbiyh_ur-CifF2GSXUjeypg3HaaM5RuiRm0LNgUvZJEiLA
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIR0ffK0_EAUZEBlIXWJYUxKnoF7nrC0eaztXpLJxVJoHLMtbiyh_ur-CifF2GSXUjeypg3HaaM5RuiRm0LNgUvZJEiLA&google_hm=Q0FFU0VNaExFNEdDOE8wRm4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIR0ffK0_EAUZEBlIXWJYUxKnoF7nrC0eaztXpLJxVJoHLMtbiyh_ur-CifF2GSXUjeypg3HaaM5RuiRm0LNgUvZJEiLA&google_hm=Q0FFU0VNaExFNEdDOE8wRm4zaDkzS1VkNkNB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:18 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIR0ffK0_EAUZEBlIXWJYUxKnoF7nrC0eaztXpLJxVJoHLMtbiyh_ur-CifF2GSXUjeypg3HaaM5RuiRm0LNgUvZJEiLA&google_hm=Q0FFU0VNaExFNEdDOE8wRm4zaDkzS1VkNkNB
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0C51
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIhrod4BixJg26AemT_tDM8sMEghvk2EnC-mdr-uA4qSzNsbTQMSQSB4MBAVmJ_2mG_ItZyHID_9bdg7z2772WhcqbImQ&google_gid=CAESEKcdeDv_iDMCe4-C0GlP-Rs&googl...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCP6dmo8GEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBJaHJvZDRCaXhKZzI2QWVtVF90RE04c01FZ2h2azJFbkMtbWRyLXVBNHFTek5zYlRRTVNRU0I0TUJBVm1KXzJtR19JdFp5SElEXzliZGc3ej...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMEpnSUUybld1M3M4Vm5GWWwwdkxiWFRtRGtPc1kxVDBFaW9kVHpDb0FRcw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMEpnSUUybld1M3M4Vm5GWWwwdkxiWFRtRGtPc1kxVDBFaW9kVHpDb0FRcw==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 Jan 2022 09:57:19 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMEpnSUUybld1M3M4Vm5GWWwwdkxiWFRtRGtPc1kxVDBFaW9kVHpDb0FRcw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
dds
rtb.openx.net/sync/ Frame 0C51 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESENzEuiIm-dxqs61UlSTiP48&google_cver=1&google_push=AYg5qPINT4xDFxIwshfRaBUqhn3c5SU7qZ8s83el7ZpYRrQnNaFVqkw8s6sGTJtZRwNfZLlKKzybC-GXA-FIBaX5TASS4KE0tg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
hpupjenl16k52isumiekd1uve85rigvn
pixel
cm.g.doubleclick.net/ Frame 0C51
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPXOZfgzzdBQUxsDB253Ado&google_cver=1&google_push=AYg5qPIanvebw5UpX5bE0H9HfbKWgjP2xnAAhAF--sLo0eTfW_4Yr8AmLaZ0ejRkMFrvnDAm8Ct...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpVV0wtMVItTUZTNg==&google_push=AYg5qPIanvebw5UpX5bE0H9HfbKWgjP2xnAAhAF--sLo0eTfW_4Yr8AmLaZ0ejRkMFrvnDAm8CtjqSQoLzvzGbCWdSShVUOmpQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpVV0wtMVItTUZTNg==&google_push=AYg5qPIanvebw5UpX5bE0H9HfbKWgjP2xnAAhAF--sLo0eTfW_4Yr8AmLaZ0ejRkMFrvnDAm8CtjqSQoLzvzGbCWdSShVUOmpQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpVV0wtMVItTUZTNg==&google_push=AYg5qPIanvebw5UpX5bE0H9HfbKWgjP2xnAAhAF--sLo0eTfW_4Yr8AmLaZ0ejRkMFrvnDAm8CtjqSQoLzvzGbCWdSShVUOmpQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0C51
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2X...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 0C51 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LI4K0e77aZsXT1KxOgfScFrEWEltst5o7PxPNqezWXEPuSi_RQl0wzz-Amg3tO-LPCZ3KB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame 0C38 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=919015&asId=eaba1760-563e-c9d1-4df5-9123dc4ce96a&tv=%7Bc:1DPjCp,pingTime:-2,time:1012,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1430,beZ:1431,mfA:2073,cmA:2075,inA:2075,inZ:2080,prA:2080,prZ:2097,si:2105,poA:2107,poZ:2138,cmZ:2138,mfZ:2138,loA:2312,loZ:2315,ltA:2441,ltZ:2441%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:674%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1012,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:674,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B363~0%5D,as:%5B363~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sURrW8d+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b*.919015-59742583%7C1b1%7C1b2%7C1b3%7C1b4%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1e12%7C1f11%7C1g1%7C1h11%7C1i11%7C1i12%7C1j1%7C1j2%7C1k.913323-59535428%7C1k1%7C1k2%7C1k3%7C1l%7C1m,idMap:1b*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:333,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dpixel
cms.quantserve.com/ Frame 9E51 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPfI2Bd6Ku6BanvFeGzVUWI&google_cver=1&google_push=AYg5qPIwhCOxG_mK276VbjVE2wKnw2A-oNsTXmeKuO1BOiKIf45B6ZcCobHx80Ux6ERKxI3bIom0pI3o9O0rRAHyFLUMJH2R8qM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9E51
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEGMGWDDYIWtpsmz2CYgJzz0&google_cver=1&google_push=AYg5qPIAKRxf8fcrRaAi7hQwHcsjxTfvw8nB2OxiOLglC2FAMKs6-1BbYTL1pTHY3-mizvaqMdFhaZy37GIHgrooLk89T115Q3Y
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIAKRxf8fcrRaAi7hQwHcsjxTfvw8nB2OxiOLglC2FAMKs6-1BbYTL1pTHY3-mizvaqMdFhaZy37GIHgrooLk89T115Q3Y&google_hm=Q0FFU0VHTUdXRERZSVd0cH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIAKRxf8fcrRaAi7hQwHcsjxTfvw8nB2OxiOLglC2FAMKs6-1BbYTL1pTHY3-mizvaqMdFhaZy37GIHgrooLk89T115Q3Y&google_hm=Q0FFU0VHTUdXRERZSVd0cHNtejJDWWdKenow
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:18 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIAKRxf8fcrRaAi7hQwHcsjxTfvw8nB2OxiOLglC2FAMKs6-1BbYTL1pTHY3-mizvaqMdFhaZy37GIHgrooLk89T115Q3Y&google_hm=Q0FFU0VHTUdXRERZSVd0cHNtejJDWWdKenow
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 9E51 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJRiFKG0ou5rzJdO0Zo4WVw&google_push=AYg5qPJSjcZo-9TzglW7cULw9yoJRWPNM79oAmn0jiLwtXNrq7afpTXTR_4DJ2YUAUCNUmNh6IX0TImEs4qMvITbtCIy9gEInLfB&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 9E51 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEKOKvL7KSd5SKtqHSrmkYXI&google_cver=1&google_push=AYg5qPJl51uewbjx9dAT5J57AViw3rCvCXu0lQaex7IAVeD6LDmeXKujYOdmHxBPfaqPvwJv6DIhNJajURL8T9g-yWUvrt1anfoI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
35egh5humg7c7s3v3au74jvkme7v9oo0
pixel
cm.g.doubleclick.net/ Frame 9E51
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TKQ6QbcZRXq3VR1HiADyDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TKQ6QbcZRXq3VR1HiADyDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLIzYyi3_TAzDox7NEiYtv25jk2v2_vYM7loFOyY5JhNUzs5s-Iif43KfzxrPxOQZ9E1H83IzvHhfIr31pzjOxhj8kJxphR
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TKQ6QbcZRXq3VR1HiADyDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLIzYyi3_TAzDox7NEiYtv25jk2v2_vYM7loFOyY5JhNUzs5s-Iif43KfzxrPxOQZ9E1H83IzvHhfIr31pzjOxhj8kJxphR
date
Tue, 18 Jan 2022 09:57:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 9E51
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOEA0V3cFiqyV1gy2hORsjY&google_cver=1&google_push=AYg5qPJXinGZt1unjXkx7wJ9uQDv5wtUY8f8UkpYPz-Gv2WRoZiC96ZG3Bjh-h4sL1WxKWlugTX...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpVV0stTy1FTkpV&google_push=AYg5qPJXinGZt1unjXkx7wJ9uQDv5wtUY8f8UkpYPz-Gv2WRoZiC96ZG3Bjh-h4sL1WxKWlugTXnsGzRTo2iyXQ0iTVGHGT88x-0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpVV0stTy1FTkpV&google_push=AYg5qPJXinGZt1unjXkx7wJ9uQDv5wtUY8f8UkpYPz-Gv2WRoZiC96ZG3Bjh-h4sL1WxKWlugTXnsGzRTo2iyXQ0iTVGHGT88x-0
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpVV0stTy1FTkpV&google_push=AYg5qPJXinGZt1unjXkx7wJ9uQDv5wtUY8f8UkpYPz-Gv2WRoZiC96ZG3Bjh-h4sL1WxKWlugTXnsGzRTo2iyXQ0iTVGHGT88x-0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9E51
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 9E51 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4ON347v8h5OpQ7TD2v6Nu-GLXykHK40IJYnK2Wq7NI-IYMUY5-yEHkzK9KyhbIS6SG7F7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E74D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 17 Jan 2022 13:26:12 GMT
expires
Tue, 18 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
73866
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5F35 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d860e4284f8f00d3566fbc2a83a2071fd144196c8f72583389e662c101e450f

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E444 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 14:31:40 GMT
expires
Tue, 17 Jan 2023 14:31:40 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
69939
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
img1.jpg
s0.2mdn.net/8247523/1641901381889/ Frame 0D51 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8247523/1641901381889/img1.jpg?1641299485358
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6bd8267aa81f385d77710551f3cee1dc443d4123353c01e978788711221bddc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/8247523/1641901381889/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 18:50:37 GMT
x-content-type-options
nosniff
age
54402
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38935
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 11:43:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 18:50:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0C38 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskswBOfWDy0tYsblQQCNmbIlpZJVzkzdRq1vI_rfiTB1JpqIb61RHX81PYbT0Am-g-Gpy96HEEzPopOlxDU6p1d9VIwOXu65dmInG_hMMxr7Zw2Ls5UAKUVP5riW0T58D3Aby4gAlDtOA72lVkKoES-CyZN8o66Covib8QEXlQj1VXji8qM7MJKsuMQf5QMJclDxIWWcOdj6hnk9If-K-Rh-fL_vzJsw8WWwfpurGRbM-doW8K9P1pA5kbGTR5FKCbj2MFOKLamL-e0Nrgb5fD8xxmVe8kKuExm2FtA5Pmg36lOZkamSHYpXkZCCHXQc0u_IjVZpnT61ciBJaYb_EFI2wD7ChZRnMMy6QBcgs1lSpH1sckQPlBQRxNkr0dm2mFoTDmmQGJpCKMFq3xJ9P5OBxkSZBZxPDIEqTWIC0jlS0JQQJ1eM13eeXG8ZjptSnRU5YY0HRJYl8e-y7iJVpWiHX6p-lQXSWOZlEaeAi_l-C7h_uzD6FDGp0kUCA-0u_Y06aYVyZxGY7Mn872VNwVsqtM7mlUHPlRfV5YYdAgNCeQdQnNDHkQmUsyDqVr7Nt1hZ652ve4XoXwDCUeUZ3ac0FipdGz-p-cPTSFGHe-lntHyYQVmThgmeIQRcF77nIe5_xQHA-s7ErYEzGkVYwQLtqLljmRId5yStykwWNOCIy2uChvQotIZI7fEDi8mCk_3Ay8YhMqzUoTqGsWW17laB02BgIHWexuV_egwKjG-8O7GiWHm5QNboi0qNM9JHt-W6_GdCdFKz8xzdcBztQ8U4FyG_wV1cUDyokuHJvKC6G5ltVGIkNZNqTQf8otKQAjnBCYxN3HpWIrZBNMKNSOfHlYDe1fBEUjzRinpJgS8Y5a6kZVcC2-0pocbq3TD3HdX0sbj2OvHksUGh2GNFCECca92lQq5a3qhERH4BBOt9T842cXAflscnawLMMafmD09MpxesRR2347JPbrdCrpAhuVSm_tzK3u-36PLD-BBQ1nGZFQ2jIjm9JxwhC_TmUEERNZW42u3pXdwF_cDJhAz6fUr-RGxcjROodVK4qTo98Z4S0nIyahT-TuCRhbl6ZhRjQg2gVjY1mhLGq_FJNs6dAPilCGXdM3HWERvforoka3esIPsjOMsVaDhXkoRJVWX0M0wH2oP1qwQmihSriqtpwRXFO6F09N34mP9jUNisjwhBE2C0yPYpawPVT8FC-TCfMU0wVmV7yoSjQro0UXXAVXP6HGZgBge5sYnuh3j5BKM4erXQ&sai=AMfl-YRvpMMiGQYr3d4Gpz4Uqkz7OsnB64jabUQfJApi_nnqjqqfJCOBw6qJ6sLkwc9OKovCl_8J-wjrqH2O1acrqVtNUlc25qfoD_cTZvRoC3PJi7Z2m8333Cq_ijXRSSiQpmktAAZPY0TMuh4C4G0RV7UmZI8BxA&sig=Cg0ArKJSzKXHE8Vfe89nEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1685&vt=11&dtpt=1076&dett=3&cstd=606&cisv=r20220112.86796&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame B159 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c292d53af686283619f5e0a2397f38b21bc9991460bf0ef77dbed460fed14b70

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
sca.17.5.12.js
static.adsafeprotected.com/ Frame 6776 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 10:01:19 GMT
content-encoding
gzip
age
4751761
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
26imp540FbIiMqe0yeY67IzVwrwVCxNUhnAvqPjjQlr2oybtYMSv2A==
mon
pixel.adsafeprotected.com/ Frame FBA2 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=925113&advId=818662947&campId=15562801328&pubId=1&placementId=396633038&adsafe_par&bundleId=&dealId=&bidurl=https://www.farfeshplus.online/FP45.asp&adsafe_url=https%3A%2F%2Fwww.farfeshplus.online%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6266313190087173%26output%3Dhtml%26h%3D90%26slotname%3D5788561387%26adk%3D2966895748%26adf%3D2889027078%26pi%3Dt.ma~as.5788561387%26w%3D728%26lmt%3D1642499837%26psa%3D0%26format%3D728x90%26url%3Dhttps%253A%252F%252Fwww.farfeshplus.online%252FFP45.asp%26flash%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1642499837175%26bpp%3D1%26bdt%3D636%26idt%3D488%26shv%3Dr20220112%26mjsv%3Dm202201100101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C300x250%252C120x600%252C300x250%252C120x600%252C160x600%252C300x600%252C760x280%252C728x90%26nras%3D1%26correlator%3D3444761792216%26frm%3D20%26pv%3D1%26ga_vid%3D321309147.1642499837%26ga_sid%3D1642499837%26ga_hid%3D2103662247%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D1482%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44753740%252C31064017%252C31064124%26oid%3D2%26pvsid%3D1708355280932279%26pem%3D806%26tmod%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D8%26uci%3Da!8%26btvi%3D3%26fsb%3D1%26xpc%3DQKk4MsTAEe%26p%3Dhttps%253A%2F%2Fwww.farfeshplus.online%26dtd%3D490&adsafe_type=d&adsafe_jsinfo=,id:53543019-a909-13b6-d172-c01f8fb4bbdc,c:1DPjEJ,sl:outOfView,em:true,fr:false,thd:1,mn:app20ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:873,fm:sURrWcy+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c*.925113%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e11%7C1e12%7C1e13%7C1f11%7C1g1%7C1h11%7C1i11%7C1i12%7C1i13%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1k3%7C1k4%7C1l%7C1m,idMap:1c*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:887,oid:04f7604a-7845-11ec-bf54-02467abe7cd0,v:19.8.280,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.91.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-91-250.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
x-server-name
app24.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame B159 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 09:49:59 GMT
x-content-type-options
nosniff
age
518840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 09:49:59 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 95B6 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 09:57:19 GMT
DISP_160x600_ACQ_na_AQ_Multicard_2021.js
s0.2mdn.net/9080513/1640100692999/ Frame 95B6 		125 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5e241c05ef97504f1e6d36729038b053b55e3ff79306ad72d9e65cfa9e25082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 08:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6601
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17473
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 15:31:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 08:07:18 GMT
dpixel
cms.quantserve.com/ Frame 4830 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECy_OXOFT914ei5ZX8sM9uk&google_cver=1&google_push=AYg5qPL2PZoLSln75aIyJYAzt6EF0RFkJYd4XhDzSCHx2Ta_HSzCdPTJ461dAuBXEycedFSkaQJ8mnLf-0D8hK6zv4Gh47qolkfS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4830
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEF04IK3CDrKmUI72RrHj6i0&google_cver=1&google_push=AYg5qPIycBGmrHK6XjlHmmN8dkjhrVaoXkdQMjBajjn63Lk9QPk76nOWO7AEnZz81t4YFWeZcIBpi-UQqIN9_fKxzPLvPrhA8Zez
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIycBGmrHK6XjlHmmN8dkjhrVaoXkdQMjBajjn63Lk9QPk76nOWO7AEnZz81t4YFWeZcIBpi-UQqIN9_fKxzPLvPrhA8Zez&google_hm=Q0FFU0VGMDRJSzNDRHJLb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIycBGmrHK6XjlHmmN8dkjhrVaoXkdQMjBajjn63Lk9QPk76nOWO7AEnZz81t4YFWeZcIBpi-UQqIN9_fKxzPLvPrhA8Zez&google_hm=Q0FFU0VGMDRJSzNDRHJLbVVJNzJSckhqNmkw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:18 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIycBGmrHK6XjlHmmN8dkjhrVaoXkdQMjBajjn63Lk9QPk76nOWO7AEnZz81t4YFWeZcIBpi-UQqIN9_fKxzPLvPrhA8Zez&google_hm=Q0FFU0VGMDRJSzNDRHJLbVVJNzJSckhqNmkw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 4830 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEFEzmGSYxdMck9kC7HKdDJw&google_cver=1&google_push=AYg5qPLJTuDl_VWHQxBO2Exv1TklRyB4nlAND6OR2JlMwOi5Xe7ACfr-BuaC0q_yr8I08kMyrrd4ejp4WJgDR3hdC8Su5psUnBo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
3cdsse1qj53epgcbnnurpgi3up6di206
pixel
cm.g.doubleclick.net/ Frame 4830
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TKQ6QbcZRXq3VR1HiADyDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TKQ6QbcZRXq3VR1HiADyDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJue-T27qt9z43oQcx04WgI8ZWlUcTsS4aNHsdhgwAFEW7JxLWIuvyNomDcLv0xW3dWoV-tGDv7CY3T0EZ7SDVzLjGuczQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TKQ6QbcZRXq3VR1HiADyDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJue-T27qt9z43oQcx04WgI8ZWlUcTsS4aNHsdhgwAFEW7JxLWIuvyNomDcLv0xW3dWoV-tGDv7CY3T0EZ7SDVzLjGuczQ
date
Tue, 18 Jan 2022 09:57:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4830
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBS2DJUlXnDrrbAAtsRlCn8&google_cver=1&google_push=AYg5qPI4fiGN1KTm13N4JvCsbUYkl-uz2dSiIepsmjGmaUtguKGV_3_a5gh1EPNwmE2UxMonI6a...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpWMjYtVi03SDVM&google_push=AYg5qPI4fiGN1KTm13N4JvCsbUYkl-uz2dSiIepsmjGmaUtguKGV_3_a5gh1EPNwmE2UxMonI6acDUgPD-S9HQPJmxg4UzZ22vw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpWMjYtVi03SDVM&google_push=AYg5qPI4fiGN1KTm13N4JvCsbUYkl-uz2dSiIepsmjGmaUtguKGV_3_a5gh1EPNwmE2UxMonI6acDUgPD-S9HQPJmxg4UzZ22vw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpWMjYtVi03SDVM&google_push=AYg5qPI4fiGN1KTm13N4JvCsbUYkl-uz2dSiIepsmjGmaUtguKGV_3_a5gh1EPNwmE2UxMonI6acDUgPD-S9HQPJmxg4UzZ22vw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4830
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ2...
0
0
pixel
cm.g.doubleclick.net/ Frame 4830
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAIJRYzqh6H9ko34NgbrPvM&google_cver=1&google_push=AYg5qPIfisGlhmFw66ii80EY...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIfisGlhmFw66ii80EYtFDJduZAbGyZd2AxL3hxqwZLKfgsxhrV_W2CY_OkUbsogsQookflzRFtN-au_uD60QbTc49MJw2NhQ&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIfisGlhmFw66ii80EYtFDJduZAbGyZd2AxL3hxqwZLKfgsxhrV_W2CY_OkUbsogsQookflzRFtN-au_uD60QbTc49MJw2NhQ&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIfisGlhmFw66ii80EYtFDJduZAbGyZd2AxL3hxqwZLKfgsxhrV_W2CY_OkUbsogsQookflzRFtN-au_uD60QbTc49MJw2NhQ&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 17 Jan 2022 09:57:19 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4830 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjLO_3KUGhlvIt6iRcFsrsmtk_Tp3DidnAcJHTHzfMfb_0d_Pc_aRRhop0pQ1O4uMkcrY0GA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame E375 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=194721897&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837225&bpp=4&bdt=685&idt=465&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=MOK4ELxiBJ&p=https%3A//www.farfeshplus.online&dtd=467
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AB58 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 14:31:40 GMT
expires
Tue, 17 Jan 2023 14:31:40 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
69939
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 2975 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv89lEog-Jg__9glb8QI6bxRjlk9URT8gQc8ZGeiPFGdj1V-3vDu2BYyvSSZNE3LROWGUp6qQ7kcflHinyuY4LYJfMiHiYjwYjypaDSWwJMMmBrqHMWUg&sai=AMfl-YTL-0kXHyyRUr5YlxCNzpDriJUonAEq5PbIYGIane1C8AkT-wh8y33HVZxJEy1QgBBL2A1wfSsxSUaI_1TAS6veWb_zjgTC8C0&sig=Cg0ArKJSzPHxDYOFuwM2EAE&cid=CAASF-Ro5zFrXfOrEKCB6yB5I4ePnB2KPfGK&id=lidar2&mcvt=1254&p=0,0,280,760&mtos=1254,1254,1254,1254,1254&tos=1254,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=21&adk=1067503192&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642499837616&rpt=1475&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8A8C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 14:31:40 GMT
expires
Tue, 17 Jan 2023 14:31:40 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
69939
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dt
dt.adsafeprotected.com/ Frame FBA2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=53543019-a909-13b6-d172-c01f8fb4bbdc&tv=%7Bc:1DPjI4,pingTime:-3,time:1094,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:887%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1094,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:887,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B220~0%5D,as:%5B220~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:sURrWcy+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c*.925113%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e11%7C1e12%7C1e13%7C1f11%7C1g1%7C1h11%7C1i11%7C1i12%7C1i13%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1k3%7C1k4%7C1l%7C1m,idMap:1c*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame FBA2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=53543019-a909-13b6-d172-c01f8fb4bbdc&tv=%7Bc:1DPjI5,pingTime:-6,time:1095,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1095,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:887,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B221~0%5D,as:%5B221~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:sURrWcy+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c*.925113%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e11%7C1e12%7C1e13%7C1f11%7C1g1%7C1h11%7C1i11%7C1i12%7C1i13%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1k3%7C1k4%7C1l%7C1m,idMap:1c*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:www.farfeshplus.online*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.215/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 5F35 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.215/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:19 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 15:01:11 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 19 Jan 2022 13:23:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FBA2 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1kVqhwWxXamwTQV9LrKne1rRTe1QuE14SKDLO_KaWDg2C6DDNZHjuZoXOop_8afak4t8VWqAsHOPGvOuL2iD5ZyvZTCVpU2FgqBqcbXZYp0C966d_AVxW5tCyuckoriXmSggXUqq2QF7HTb23F9PFSEvz3i4MNm-Hlwf79q58qceZB5FrnSu_f6HwUSoE3ZUsUa8bct84Hz9PAF05dVm7xGqUvjymLBu-CZOIhuqbSe0_SalgFXljI1PKFWeQL2GWKS_CKayoMe4V6gQ2sGbzTeQYlLxvmEA_zTvnn4gAt2cxtGYl8mbLNE8yzrQijZko74yd8SPhPZks-xlUKH7W2ZVr-R0rUNBVbCVPMoH0XlZDT0Iqf06MXnF-pplk1SWj5IFGEpMCkA7Xnc2nUF-kgJU4V7q1q0tjuRE8q-RLrDJcNWZyXaV8Y0b0tUriFdDVhK6jR0TaGSLFhXThkXyTSz5Mg3A4MZNNevhHXw1RELT8vaK8OM0i9GhHIY04sihw9TDeQELs1Jz7OKppyClHPMinrsDsg_grtcJJxXFiVZslNfbWXaTUP6gbwURrARMSmlK4GSs75B4Bu_fhYcWsd1Qk2MHhhch9Os2IpgRFJEC0dOj82RA9Tf_htbQp0ftSfx5QFkFbndqmeKM-MTD6hzLCLUaNdRgIuzcgQW4gPpEenkrKFEqnIRwKjbsSUmLfY4IU2Kh_2Oeo163m6dmT9s7OhAfQFNLdDLlilRCFOsIo9NxCSyEDjuckPn7aRk3UouD-wo93UUz8Ea9oJwo06hb8KaPS342omifkBrPpBF6dHJB7sDoaGpYJNF7GmA8IOJaKkFVWJUb9iJOWWQBy8wMBO5hc1Km8WMKn0IwUYs1rd7MYBFgX-sfQ9fy9sG0xpdF0vXovq8vStSWqQ7j3CgLCg695BnQkA7gMmIuUG1z36qYVbRRGc9VbHGA4tUwpqOCcmdSQkIv6YQWADUOLmOorUWhRBmETlhkd9Z4hMTcDKVVV7zrtwzPrrV5wjFMnCgQ3nGyUEemCXNZBOzEb8LEyKClN5q9X8Infacx2Kr6Gl80FcgNtQ983kEWTLuCEfgraPU9mrQAb_B0FI4_CyolyoeXaQ917hLlOIVWHXkSZOklamzPQ_PDT1HwbsE0qq7ySOEHviMCxhDSOh567a_qVoL0_auGHyfgEU-Jvboivw4_Jn_BH8wzVbExvjA0kVqBkEMPsoPcbZ-XPWwML-UUanyAfliys5y_sJOVpXf13yBnVTLo2z50aoiw5lxZcZ3IKSvhI3yb0Z3dGEKPTTiNX&sai=AMfl-YQCZGJjxp_kxq1-vyToNUnCrYImrAFYe-s9DvuNOwKGQHATrqd2BPRbcHjNgwwX0Bfp20W5_OpCMD_pwBWpiJZHQ73OunARvEVp33rgUURseLAIN9JccUJ6JiIhIFCmygVxtYzIYFaG2sxyPgG95rB6XGG9pA&sig=Cg0ArKJSzJj7U9OTJajSEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1919&vt=11&dtpt=1306&dett=3&cstd=605&cisv=r20220112.93337&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img2.jpg
s0.2mdn.net/8247523/1641901381889/ Frame 0D51 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8247523/1641901381889/img2.jpg?1641299485358
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=3388934107&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837157&bpp=1&bdt=618&idt=478&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=OQC0fQNSPT&p=https%3A//www.farfeshplus.online&dtd=482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e4f18dd88edfd7bc0c5f57778cffec1c70edf8c67976cb9ad0c0f66119d87cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/8247523/1641901381889/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 18:50:42 GMT
x-content-type-options
nosniff
age
54397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26694
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 11:43:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 18:50:42 GMT
dt
dt.adsafeprotected.com/ Frame FBA2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=53543019-a909-13b6-d172-c01f8fb4bbdc&tv=%7Bc:1DPjJM,pingTime:-2,time:1200,type:a,im:%7Bsf:0,pci:%7Btdr:255%7D,pom:1,prf:%7BbeA:1672,beZ:1674,mfA:2545,cmA:2546,inA:2546,inZ:2547,prA:2547,prZ:2556,si:2559,poA:2559,poZ:2567,cmZ:2567,mfZ:2567,loA:2766,loZ:2768,ltA:2872,ltZ:2872,idA:2568,idZ:2617%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:887%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1200,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:887,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B326~0%5D,as:%5B326~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:sURrW8d+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b.919015-59742583%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c*.925113%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1e11%7C1e12%7C1e13%7C1f11%7C1g1%7C1h11%7C1i11%7C1i12%7C1i13%7C1j1%7C1j2%7C1j3%7C1k.913323-59535428%7C1k1%7C1k2%7C1k3%7C1k4%7C1l%7C1m,idMap:1c*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,sinceFw:312,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6266313190087173&output=html&h=90&slotname=5788561387&adk=2966895748&adf=2889027078&pi=t.ma~as.5788561387&w=728&lmt=1642499837&psa=0&format=728x90&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837175&bpp=1&bdt=636&idt=488&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=QKk4MsTAEe&p=https%3A//www.farfeshplus.online&dtd=490
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 4E33 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=913323&asId=ed04b975-1387-be09-c711-eea4dfa77ae9&tv=%7Bc:1DPjK3,pingTime:-10,time:1111,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1642499840554%7C%7C92487a8c2ba98ccc5829a419bac3b0bb%7C%7C8866308252d63f9bf74b74e606896148%7C%7Cea36767fb15989856dae6c8b0852999b%7C%7C9e03e36e9db26170f8a2c9332c022613%7C%7Cb9f35a6123c654a2fdf6771b02acd49a%7C%7Cc51f12ba64ae908d5d20fb25a833dcb5%7C%7Ce27ad9732738840bdb82d016b9309050%7C%7C1629390669,im:%7Bimprf:%7Bttecl:1114,ecd:34,tsecr:467%7D%7D%7D
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/ Frame B183 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/it_IT_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2296921744bce34e43e8755508824d0aa2a3962b560df75d92368181707300d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4411
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 4556
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHY7Q-eGeheyTJMz2geYsCA&google_cver=1&google_push=AYg5qPLZ4LE12N7YTLK-rlDfWiNc0os6hIIslw6lnklrWRDRmGWBgywBq_...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLZ4LE12N7YTLK-rlDfWiNc0os6hIIslw6lnklrWRDRmGWBgywBq_9_moOf68G2PQmwaonlLFhc8HqoBwQuoF2PSFWWNo60vw&google_hm=vz0N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLZ4LE12N7YTLK-rlDfWiNc0os6hIIslw6lnklrWRDRmGWBgywBq_9_moOf68G2PQmwaonlLFhc8HqoBwQuoF2PSFWWNo60vw&google_hm=vz0NOQkH9cOOtIwTvAWwRA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLZ4LE12N7YTLK-rlDfWiNc0os6hIIslw6lnklrWRDRmGWBgywBq_9_moOf68G2PQmwaonlLFhc8HqoBwQuoF2PSFWWNo60vw&google_hm=vz0NOQkH9cOOtIwTvAWwRA
pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4556
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIfB2zMb0NLLegX1o2nAKgL9fexNtByU-oN_uC...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWVhTy13QUFCUlozb1Q3VQ&google_push=AYg5qPIfB2zMb0NLLegX1o2nAKgL9fexNtByU-oN_uCaKea4qNJrhDeDBpZhH8kjIk4SDKjVvm-ZM6ZIDmuHigizywoUuBIUMI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWVhTy13QUFCUlozb1Q3VQ&google_push=AYg5qPIfB2zMb0NLLegX1o2nAKgL9fexNtByU-oN_uCaKea4qNJrhDeDBpZhH8kjIk4SDKjVvm-ZM6ZIDmuHigizywoUuBIUMIetmw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWVhTy13QUFCUlozb1Q3VQ&google_push=AYg5qPIfB2zMb0NLLegX1o2nAKgL9fexNtByU-oN_uCaKea4qNJrhDeDBpZhH8kjIk4SDKjVvm-ZM6ZIDmuHigizywoUuBIUMIetmw
Date
Tue, 18 Jan 2022 09:57:19 GMT
Server
Apache
Connection
keep-alive
Content-Length
393
Content-Type
text/html; charset=iso-8859-1
dds
rtb.openx.net/sync/ Frame 4556 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMEGsI6TPYCCY5Q9Doda3_8&google_cver=1&google_push=AYg5qPIiIp8c32_gCu6NroEWMmsUVfb2c9tQzYxs7sTSyt4bBc00WJTuyUa-ZPsuhPBXmLDIxeAbhfD_F2eiU_BSKWD-q2hy1yaZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
mmf3qo3agh4d09gae0cuj3sdsk7kklgn
pixel
cm.g.doubleclick.net/ Frame 4556
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TKQ6QbcZRXq3VR1HiADyDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TKQ6QbcZRXq3VR1HiADyDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOjulOFyT_aRXdVzsPjpePjtdx6i4vQzTb7jkTES98M30rgwkljAguXjzs9SZwv8N6FreEkf-NRoRj6EpUFdQB-oDwi7OyjA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TKQ6QbcZRXq3VR1HiADyDA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOjulOFyT_aRXdVzsPjpePjtdx6i4vQzTb7jkTES98M30rgwkljAguXjzs9SZwv8N6FreEkf-NRoRj6EpUFdQB-oDwi7OyjA
date
Tue, 18 Jan 2022 09:57:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4556
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA7hHeEAlxdgZ-umOkYiQrA&google_cver=1&google_push=AYg5qPIX3c0f_6-Cm1wKdJBG9Kd5rapTPDYLRMPhnaFzPpqAJwMGpYtcAq7uuGPPtf5pAv5Nqj2...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpWOUwtMTctNzA5Ng==&google_push=AYg5qPIX3c0f_6-Cm1wKdJBG9Kd5rapTPDYLRMPhnaFzPpqAJwMGpYtcAq7uuGPPtf5pAv5Nqj2_n3duyL39X-jFGLK-4dZqLZpL4A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpWOUwtMTctNzA5Ng==&google_push=AYg5qPIX3c0f_6-Cm1wKdJBG9Kd5rapTPDYLRMPhnaFzPpqAJwMGpYtcAq7uuGPPtf5pAv5Nqj2_n3duyL39X-jFGLK-4dZqLZpL4A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lKWFpWOUwtMTctNzA5Ng==&google_push=AYg5qPIX3c0f_6-Cm1wKdJBG9Kd5rapTPDYLRMPhnaFzPpqAJwMGpYtcAq7uuGPPtf5pAv5Nqj2_n3duyL39X-jFGLK-4dZqLZpL4A
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4556
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq...
0
0
trk
ag.innovid.com/ Frame 4556 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEP4bpBmCQLQ5yF9Cf4IrMGc&google_cver=1&google_push=AYg5qPJ7drmz8LZ5odwyNN8f_HWj7rwMpzuM9myd2xSaFtimLgFTiW1XXtzmr0NKNDMe2X3dr2aSQLVlLc4NW0k0Kufgm4tzovWelA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:6f46:d53f:d0c7:668b London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 4556 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqC16A36kaqHF036AmA7S3KEj3PntMIxw25BO16vrvC1JsNcIYUNGCJf4xj25XLNzC2Zwm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1231661633440980&output=html&h=280&slotname=9134183485&adk=3378407940&adf=4248194979&pi=t.ma~as.9134183485&w=336&lmt=1642499837&psa=0&format=336x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837268&bpp=5&bdt=728&idt=432&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600%2C760x280%2C728x90%2C728x90%2C760x280&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=551&ady=3181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=10&uci=a!a&btvi=5&fsb=1&xpc=UYbEHJCse8&p=https%3A//www.farfeshplus.online&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame 3B5E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
pixel
cm.g.doubleclick.net/ Frame 77AB
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKCyVs2VfyLnNvzQnngbAEc&google_cver=1&google_push=AYg5qPLFi6aNTtqBytXSto-mrWg3X3yTRrBOiplgaxhqgsXUKmCTVAIuzdGFsn3PMnMQQ01xseuc2WnOSXIxfQzyqumfHjUSQsx1tA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FD9A76CC83284410BC4C128ABD676C35&google_push=AYg5qPLFi6aNTtqBytXSto-mrWg3X3yTRrBOiplgaxhqgsXUKmCTVAIuzdGFsn3PMnMQQ01xseuc2WnOSXIxfQz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FD9A76CC83284410BC4C128ABD676C35&google_push=AYg5qPLFi6aNTtqBytXSto-mrWg3X3yTRrBOiplgaxhqgsXUKmCTVAIuzdGFsn3PMnMQQ01xseuc2WnOSXIxfQzyqumfHjUSQsx1tA
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 Jan 2022 09:57:19 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FD9A76CC83284410BC4C128ABD676C35&google_push=AYg5qPLFi6aNTtqBytXSto-mrWg3X3yTRrBOiplgaxhqgsXUKmCTVAIuzdGFsn3PMnMQQ01xseuc2WnOSXIxfQzyqumfHjUSQsx1tA
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 17 Jan 2022 09:57:19 GMT
pixel
cm.g.doubleclick.net/ Frame 77AB
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPac-oTqOA9OWjDpXlcKlbU&google_cver=1&google_push=AYg5qPKdrUB_COMsV4btMWMjykM3bs9kZTpANbkD7ZIOJ_i7fAPnq4hwyE9ymta6373VwXsCbX-dV0HzLjw...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKdrUB_COMsV4btMWMjykM3bs9kZTpANbkD7ZIOJ_i7fAPnq4hwyE9ymta6373VwXsCbX-dV0HzLjwaFfabSJCf4kGPFVpNvQ&google_hm=F3z88ayDRO6CNP3tVM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKdrUB_COMsV4btMWMjykM3bs9kZTpANbkD7ZIOJ_i7fAPnq4hwyE9ymta6373VwXsCbX-dV0HzLjwaFfabSJCf4kGPFVpNvQ&google_hm=F3z88ayDRO6CNP3tVMos9tk
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:18 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKdrUB_COMsV4btMWMjykM3bs9kZTpANbkD7ZIOJ_i7fAPnq4hwyE9ymta6373VwXsCbX-dV0HzLjwaFfabSJCf4kGPFVpNvQ&google_hm=F3z88ayDRO6CNP3tVMos9tk
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 77AB 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOlIXbhgobOluUPu6W2r144&google_cver=1&google_push=AYg5qPKKfQAzWEi-tvlVzw0mRNMvXARb1EGeClY-X6VuY6zpwOnkZOzOeFM24CDJY6OgJYNbrMdjbmUGwWM8k-SoBG4kDxmvRodcJg
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 77AB
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEN2nSgxuR1l_NOuj4JGpSAs&google_cver=1&google_push=AYg5qPLn5mI3VSWk6Iel_JAawQaSYUjV4smeXTa7C4YnPAOaEKX5HRZwZo5DDy0zSX6BNYzFNWzSCK2zeIaFln7DUdGId29Kuvx-
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OTgwREVGNzVDRkM5N0UzMw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OTgwREVGNzVDRkM5N0UzMw==
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OTgwREVGNzVDRkM5N0UzMw==
date
Tue, 18 Jan 2022 09:57:19 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
dds
rtb.openx.net/sync/ Frame 77AB 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGnlOvjvICXabC96-DQ_vXg&google_cver=1&google_push=AYg5qPKCU6AnWCY07mX8M2_QermI3yQ9hqd-R5Wsn7bVKg23lQZ4nGP1RoDJ0MZZJzg5q32zZKTOUxrDPOXxWqXaHLyqeVUYYOfw
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
rtlics1c7pomfl31p5rbc6f1270au86e
pixel
cm.g.doubleclick.net/ Frame 77AB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELdTBbwprFf9WRGIFkCRo58&google_cver=1&google_push=AYg5qPK7D72UNreNMAQV4S6V8rRPuuy8myfHrMk08FYBYwU343VsW7Wvp8_pE2AZkXeiUS5YUpquvJTIajFJI8IL0LRe_-EQyy...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPK7D72UNreNMAQV4S6V8rRPuuy8myfHrMk08FYBYwU343VsW7Wvp8_pE2AZkXeiUS5YUpquvJTIajFJI8IL0LRe_-EQyyQTcQ&go...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM3ODg1Njg0ODMzMDcxMjcwNjA%3D&google_push=AYg5qPK7D72UNreNMAQV4S6V8rRPuuy8myfHrMk08FYBYwU343VsW7Wvp8_pE2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM3ODg1Njg0ODMzMDcxMjcwNjA%3D&google_push=AYg5qPK7D72UNreNMAQV4S6V8rRPuuy8myfHrMk08FYBYwU343VsW7Wvp8_pE2AZkXeiUS5YUpquvJTIajFJI8IL0LRe_-EQyyQTcQ
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM3ODg1Njg0ODMzMDcxMjcwNjA%3D&google_push=AYg5qPK7D72UNreNMAQV4S6V8rRPuuy8myfHrMk08FYBYwU343VsW7Wvp8_pE2AZkXeiUS5YUpquvJTIajFJI8IL0LRe_-EQyyQTcQ
date
Tue, 18 Jan 2022 09:57:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 77AB 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEC1ExCv1nNJzipqjV6UQ1QU&google_cver=1&google_push=AYg5qPJJ3FQd9qzrM98GWS683jTmtMRAshsnQMGe7LV37yZiCkozXN9JjYkIda_jkCWGmmt3Kkfm85f5gDoeNraKzkMVD-9j2TIz
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:19 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 77AB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IhuQJk54Riy3F09MAPMcWFlNyAQet2w-Dm9oYnMEHTS5q0zctlGpWteQPEPGOe4o_xHk3N
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEEi1DZAa0JZSaVbsGOSYk48&google_cver=1&google_push=AYg5qPIo2Yo9UP6iqR55R78JMSZ7TW4T76CKLAQzJXvWNP5YO8Yh5l7enBV8KaUkc_MrNY54qXWsT36Xya0kDJge6262hADtK6gT
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEEi1DZAa0JZSaVbsGOSYk48&google_cver=1&google_push=AYg5qPIo2Yo9UP6iqR55R78JMSZ7TW4T76CKLAQzJXvWNP5YO8Yh5l7enBV8KaUkc_MrNY54qXWsT36Xya0kDJge6262hADtK6gT&...
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIo2Yo9UP6iqR55R78JMSZ7TW4T76CKLAQzJXvWNP5YO8Yh5l7enBV8KaUkc_MrNY54qXWsT36Xya0kDJge6262hADtK6gT&google_hm=ipZ1FWbN950AAikABlF-bJ6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIo2Yo9UP6iqR55R78JMSZ7TW4T76CKLAQzJXvWNP5YO8Yh5l7enBV8KaUkc_MrNY54qXWsT36Xya0kDJge6262hADtK6gT&google_hm=ipZ1FWbN950AAikABlF-bJ6XiA%3D%3D
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f3-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIo2Yo9UP6iqR55R78JMSZ7TW4T76CKLAQzJXvWNP5YO8Yh5l7enBV8KaUkc_MrNY54qXWsT36Xya0kDJge6262hADtK6gT&google_hm=ipZ1FWbN950AAikABlF-bJ6XiA%3D%3D
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDnVHg04u2Eih7tfARpDVeY&google_cver=1&google_push=AYg5qPK3wowc710JFd6UxaBcjnDCW_9-VPP9-csZeknDKWA1AGjgLqzJsoENOmfmkyFo5ZF0hALp9nHmlthDHs0wd0Ie...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDnVHg04u2Eih7tfARpDVeY&google_cver=1&google_push=AYg5qPK3wowc710JFd6UxaBcjnDCW_9-VPP9-csZeknDKWA1AGjgLqzJsoENOmfmkyFo5ZF0hALp9nHmlthDHs...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK3wowc710JFd6UxaBcjnDCW_9-VPP9-csZeknDKWA1AGjgLqzJsoENOmfmkyFo5ZF0hALp9nHmlthDHs0wd0IejSzBeBN8&google_hm=266Q4sywQayXHbL154Cn0w==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK3wowc710JFd6UxaBcjnDCW_9-VPP9-csZeknDKWA1AGjgLqzJsoENOmfmkyFo5ZF0hALp9nHmlthDHs0wd0IejSzBeBN8&google_hm=266Q4sywQayXHbL154Cn0w==
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK3wowc710JFd6UxaBcjnDCW_9-VPP9-csZeknDKWA1AGjgLqzJsoENOmfmkyFo5ZF0hALp9nHmlthDHs0wd0IejSzBeBN8&google_hm=266Q4sywQayXHbL154Cn0w==
Date
Tue, 18 Jan 2022 09:57:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMzzI7Nb2ttxJ4BvV7IUbNo&google_cver=1&google_push=AYg5qPJDevgYudWUlt2-zFVlpqzAeuxQTWFTsMesYu6WQkU51NpCfBCFMqeqoms7J54efy6cGQuYEk-lWktXO47WlYUpkxH...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJDevgYudWUlt2-zFVlpqzAeuxQTWFTsMesYu6WQkU51NpCfBCFMqeqoms7J54efy6cGQuYEk-lWktXO47WlYUpkxHIsaPN&google_hm=OTE5NjU2NDI1NzE3MzExNT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJDevgYudWUlt2-zFVlpqzAeuxQTWFTsMesYu6WQkU51NpCfBCFMqeqoms7J54efy6cGQuYEk-lWktXO47WlYUpkxHIsaPN&google_hm=OTE5NjU2NDI1NzE3MzExNTA1Ng%3D%3D
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 18 Jan 2022 09:57:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJDevgYudWUlt2-zFVlpqzAeuxQTWFTsMesYu6WQkU51NpCfBCFMqeqoms7J54efy6cGQuYEk-lWktXO47WlYUpkxHIsaPN&google_hm=OTE5NjU2NDI1NzE3MzExNTA1Ng%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
us
sync.go.sonobi.com/ Frame 4D2D 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJ3qIJrLe-4cZv8djx24thQwisoZxLLvqSvID2ge3WzOcPQcqkCcRGdcCHupFaZA_We4HfCEJ3U7uqfouaB_EnTi3hIRcpQ%26google_hm%3D%5BUID%5D&google_gid=CAESEMDk0mmjZK9jI6YZ3EUdhmM&google_cver=1
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:19 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEJWg8-oOUsM9SIZOStfj-d8&google_cver=1&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GV...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJWg8-oOUsM9SIZOStfj-d8&google_cver=1&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0...
0
0
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESED1Czl0HWlq8nqbw8TeY-Jw&google_cver=1&google_push=AYg5qPICHY0-Il4WhiWbYyD0-Kgw1gd7ZV7r2n6_ng-_GX9Bpv7X69uYwex1YvF1UeG1FFWkrP...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00UDVOY0ZSRTJ1R2FBZ3JuVjk3WU0uREFQb0t0NlNqa35B&google_push=AYg5qPICHY0-Il4WhiWbYyD0-Kgw1gd7ZV7r2n6_ng-_GX9Bpv7X69uYw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00UDVOY0ZSRTJ1R2FBZ3JuVjk3WU0uREFQb0t0NlNqa35B&google_push=AYg5qPICHY0-Il4WhiWbYyD0-Kgw1gd7ZV7r2n6_ng-_GX9Bpv7X69uYwex1YvF1UeG1FFWkrPYbJDgPvcuifplL95sb_5XQmW5YRg
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS00UDVOY0ZSRTJ1R2FBZ3JuVjk3WU0uREFQb0t0NlNqa35B&google_push=AYg5qPICHY0-Il4WhiWbYyD0-Kgw1gd7ZV7r2n6_ng-_GX9Bpv7X69uYwex1YvF1UeG1FFWkrPYbJDgPvcuifplL95sb_5XQmW5YRg
date
Tue, 18 Jan 2022 09:57:19 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 4D2D
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESENdXQCeySo5dj-cwetr6ONc&google_cver=1&google_push=AYg5qPItjg_h9NbHmqU_UjQt5RX_gWUVd5VnJ73CVThCzFjfIfbYrX98USfdHEyWACfkttM5_6_Bru367beycW_kN...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YWJlZjdhNmQtZjEyOS00MjJmLTk5NjgtYjYyNjNkNWJiNWU4&google_push=AYg5qPItjg_h9NbHmqU_UjQt5RX_gWUVd5VnJ73CVThCzFjfIfbYrX98USfdHEyW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YWJlZjdhNmQtZjEyOS00MjJmLTk5NjgtYjYyNjNkNWJiNWU4&google_push=AYg5qPItjg_h9NbHmqU_UjQt5RX_gWUVd5VnJ73CVThCzFjfIfbYrX98USfdHEyWACfkttM5_6_Bru367beycW_kNE0250pzqNYY
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YWJlZjdhNmQtZjEyOS00MjJmLTk5NjgtYjYyNjNkNWJiNWU4&google_push=AYg5qPItjg_h9NbHmqU_UjQt5RX_gWUVd5VnJ73CVThCzFjfIfbYrX98USfdHEyWACfkttM5_6_Bru367beycW_kNE0250pzqNYY
date
Tue, 18 Jan 2022 09:57:19 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4D2D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J3yIMagXA3dOUxdVlu8xPILb1WNmtqvHetHNxJmHxdgI_fmi7J_tgaumAHBXYgB555w5G7Yfs
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame DF2A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
bg.jpg
s0.2mdn.net/9080513/1640100692999/images/ Frame 95B6 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9080513/1640100692999/images/bg.jpg?1639503853250
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f48e4f636180b9124424ff286073e8508e11594ff65141aa3e454e457052e436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 08:03:14 GMT
x-content-type-options
nosniff
age
6845
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25610
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 15:31:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 08:03:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4E33 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3NJ_pChQA3fkb2Qr_8cgKcDNGiBYoYTjeKkH-Nu8W8VvnfE1uIa1Xdn_DzWcTZFo9dgbhl7wBY5enVt5HhxWZHpFkPMnufqCKc7tZeC8M5lA_-72tZEWgw5Kl3hbQrCnxT7AUc8BgtMHoMd8CSdSrlySW3jq8JBxXoSSr11UugRUmkDEhrPqpQ4DqDTOkq6Y5mETNDrPO44XXf0VDIQrx4unsG7e4FsTJqnqXjxOeV_pnyInW2gADIFHdqYp1fM2NyRgk5dMAhyw_q7QmCyO3pB53rIb6Ka9u6wQjyDjvT0JepcVrVUleF0P7VZx9e33tZpSl47suTI0ydpZ3O3i4Se4IrS44Bf1DgsQ4ZKzYbrdlhOOcSSen75p23VMDEhmqGlIxePvHCsjmtBY1jLZK0KmxxJo-syfXl23jKtRfaBDy_p_qt8a95zo3JXMvrRT0T_nGsP_b4-sxXmyAtGQnz6nRZET9MgYiDE2VPr38XTCmnw-KjTOJZFn5tXn5ohR_o6Bso9LASKmOmPz_4NnJxS6azAtq3t-FiSUO2Oh0Lsy5VRVFrFrmg3OEaEgrvXEA3j9xltn5_4_veOUjc-nehuvUbneNbUOVooiWRNvRjQj4nqKtNpPhArlZ94vbcusnnGymVXWBxyuxrLbt8O_pPVU2bzPc49BbkHN1W0ej1rFuLMpvC2QZ0tf4ZQzarnnVpzx4dAjhvkN-b0VPQ8rwAID-nMk5jn6Y8_T2IoP5PQqjWWpZmABKGrCFDcZt1I-Hz883G0FKw2CqgzUlVyC9XPuZ8dG7Nt4krq8q9NS3ywN2mBRVevOGXLMAj9SRVVdFnAw4i4C4eWJt8aehprRqbTQAj6VFIuJKxJxPo-wbx2VWU6EnMMWRpitYDf3zo6ANC4tCCE42eyoBhryVwvppkSPPtxVM9NB-xL4tWEWAu2JZMbNKBKIlTVz4Tmf0wCMDMp4VacrONmpDH6zNSaxeafSHm-FzDvCF4iHSlr_dLgvA6RqZB87RNchLeHh8obwO-9_a0T8rYzFb-kweTNtTPDDcQDptYjtMYqs_q2pcDLHdjFHg4jC5JDkKlINW4p-vZR2SqbiwSqTHHB9K1I86j-xHO7pcw3wW94UXRbVrW28ohM79IYYqrwau3mRgSCABQes2749EMsiOT6TZ8jxvU4Kw98jwwb7o4GkmOj0-e5lks-GDVYVDxKiNTringoPhlMDo6VrsSMyJoimYinAaSET96ZV6Y1Z01se-rdQuc6IeUWTBP-MZiSFXTsRCA9k2AsbS-yrOGsBslaTby0rd4-pUekUKZadGCPmhxv3n0FKQViqBkQ&sai=AMfl-YTaHV1uiOvulDzqXpYuJiMU-B4rwQcHX84ircdxwT5n3TPB1Ny7nCCBQECGAR5j-hDPbRpJ_rfY7qy19m_YCGrtPHhb7cIIuZ-jpK9eUbkQDHx4kiIZEci3bT04StV4P1w6MVEdndvzqWGlcPS8CQjKGl5RAA&sig=Cg0ArKJSzBWWJjNfW7LBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1769&vt=11&dtpt=1124&dett=3&cstd=644&cisv=r20220112.16844&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
track.adform.net/csimpr/ Frame 5F35 		35 B
493 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=44454688&csi=SWlOF3pAVb6ln4wC2SKw7cwTSeMfHHkWeo6_77kDymjrygPkIxxfk3eVl6hLcT5VIVgrS0tuVj6DaWJyW2yB8N6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
50769040.gif
s1.adform.net/Banners/50769040/ Frame 5F35 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/50769040/50769040.gif?bv=2
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2477982826e457fcb72cc64fe53fa2eb9f014278af1493bf0f5aea3b62a37cdc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:19 GMT
last-modified
Fri, 07 Jan 2022 09:22:26 GMT
server
nginx
etag
"61d80652-80ca"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
32970
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame 5E7F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8458 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-cu_3XhVmhK4vscuzWxKam63Ddkw7rBc6bmjtXdG7keLLMzg5Kruhhitb80HojwrtTEdRF0XSJidAgzR1WtcNy3nZA7tn2tSJnriaJDD66-AitdsrUKc5cP1x55HsI0ZCJPlzGlAULX7PxAOd3JaB9LyDpRxjDfCHbQbnNCzAqeDSHtB2Mr1UQOAkpEQLoPvhdVHehDmOR30DPjG_2an6cYe4lIT3_bY5fWsHhNCJgwnYhr7NMXrJqXPqavA2q86egjayjP7ZiFOeiv5RQYZLnXE290HvHkHOS9hEd5fSQ6V8f63YqydOfVEEeJWErLUyUwR46Z74ICXcHVadPTtKyVM7yTtLYJkE7L7tvDQOHCL94rt1RzzWm7-yeTSgGtQOvqonEnClX6uvIEmXsaNIZhqg4FOUxn11VPx5hRyHfYHsne5pPY0ppocYcIpuUymPtva8BFBVm8ydA-tPbVABwkgDHQyQnxAzc1mpMgpd7t23NmOFTeaImbpr9DZ7BSW3JZCgs7b_EbAIsiNW1xtxcp_sDkxUwiIjRCvqkamQt_-sG92yShLS6kqsTucVodIcI9mI4cd4jPT2lw1GuQVpvJmOa6p3eHOKYqFWudo2z2kkgUVXmDu9t_HObEpUNcJYya5-VQN_h4IwQyj78DXREujJYRGuMV18ND_TptSb8v3MOTynrSeKNiZ0ZPo4IUg_PobtiYz1KqcHNcU9Pk-wqVSX1Pv8N7XOdDNvlA5FAynNB-xgy1qYBpQ_LDydJd6bl55V8YP9whlNhZMLtjaTnF9noWtR2DHjO1C63gxBBeBo4FSxuQqLZhfD1xWLBwoT-b_3mUt9cQ8-tLsX3sEdo5wkiNbZrztSH1d8z33FEo913lirhilloDBcB4CWII4SBf2NXlChh3uyeU5czGzh7iIn_BfZSDVkhkxWVUBoFh_xfxk7XUbQeQbZT4U-QWt8IRpXZ5YsVuoBpAPee_qXO7uI92Coxv0Zh-I0GFHe915poIWfNdL4Y_dE4Zoi7rzTjyTnrKZXKE9E9sPeglGA9PBBEEqND1ZARDTZtWzhxyROnN0lcPOFenVy4KRUWwS3u5VO5ja3iqW1ECkxq4uCFmMoKTi7Qodz6EjbQpw4Ka-PR_Kx08ahpK1J0Usz0M71bdir4myILiD3shrHXDqqcqeIoZ2QbUBxC3gcMehfMd6Uhi1Fu-_wx1r7HtdzsCUlmujlNaeqYhI3OX6Nzim0GyPm3Xif9oHPOXtkhkNUnpwtKf0Pk0oTYw0exYHGNyB0whTVFFR7LKx0rXAH8ytrj9qP08vYz2qM8VpzP28&sai=AMfl-YRAhXlJtlx63_CVuMKv8QMkWBWwCD-7Z4wUTpeArYwCvX26VZedtNsUW2BjitTcF2A6Nn_pfxGUf6ZuzBKB-aA2QI0RjHFhD4_m2gpQawNKsokidkU5hdjY3lOvhGSrNt4Rvf3SBiclq7o9nOPisIHLY78FFg&sig=Cg0ArKJSzDlQP8L8-KRQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1797&vt=11&dtpt=1287&dett=3&cstd=505&cisv=r20220112.01781&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3298 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f21f8f605aaa3aed08a3e4123e1056db63b4a41f4f98adc6a2f253d81c71e11c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4390
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B183 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:19 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0C38 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuE70B3qkjY7NkkYVK0jQ9xgdODdK0zgYxIfUO2g6etf9q3e68yD7sZzENg0EAUGVAG96mr9PKQmCgPLFc0r-74nLQAvJ9YheXJcplImcOYrkVfVGJ7IQ&sai=AMfl-YSIzJRGKleb9y8l8UAi-j-mg-Cu-6oc4UgnucNG5vuHSVe15woL1aczfZmc6fIXoHF9aqDTeUO0jwAiVWcdOBDgDD4uAgi1dR8&sig=Cg0ArKJSzGNlvk14Ey6DEAE&cid=CAASEuRoMtrCfz06edh5zWfBI085Kw&id=lidar2&mcvt=1076&p=0,0,90,728&mtos=1076,1076,1076,1076,1076&tos=1076,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2966895748&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642499837640&rpt=1977&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E74D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECO-s5wdmKhUQbM-ol-j7XE&google_cver=1&google_push=AYg5qPK5RslyA9_s6CDsemwtlw5U1OFGdX-Q46oK3surqEYSN5GyPs368VAQhlqgfuwcfYd7its5bipzdSPhGsz_5i4TiuTh1w
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY2NTg1OTQ3ODE2NTkxNzQwNg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECJlBhvfb75r00HEf74XFi0&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECJlBhvfb75r00HEf74XFi0&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECJlBhvfb75r00HEf74XFi0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E74D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMX2V2olY8OhgCDjsssqN6M&google_cver=1&google_push=AYg5qPKIh_gr-2sKxqGPMOlfeORLw5zlxvwCcZ8UFd1k9JCU0fuccegpwKPY8vZdY0UYBSGdVs2T72AgXuCEzau5...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKIh_gr-2sKxqGPMOlfeORLw5zlxvwCcZ8UFd1k9JCU0fuccegpwKPY8vZdY0UYBSGdVs2T72AgXuCEzau5xVVvxc2dwdk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKIh_gr-2sKxqGPMOlfeORLw5zlxvwCcZ8UFd1k9JCU0fuccegpwKPY8vZdY0UYBSGdVs2T72AgXuCEzau5xVVvxc2dwdk
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 18 Jan 2022 09:57:19 GMT
Server
MT3 4133 baa842e master zrh-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKIh_gr-2sKxqGPMOlfeORLw5zlxvwCcZ8UFd1k9JCU0fuccegpwKPY8vZdY0UYBSGdVs2T72AgXuCEzau5xVVvxc2dwdk
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 18 Jan 2022 09:57:18 GMT
pixel
cm.g.doubleclick.net/ Frame E74D
Redirect Chain
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEEi1DZAa0JZSaVbsGOSYk48&google_cver=1&google_push=AYg5qPJTiVt0imEx0Kdr6O7PPkcVY7PpMInEtrEqTQGawgjNEHwRYm_RtQVtA1ilt1GGuzCSNUHGKzp6HUilZX2GtYJ6itdK0A
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEEi1DZAa0JZSaVbsGOSYk48&google_cver=1&google_push=AYg5qPJTiVt0imEx0Kdr6O7PPkcVY7PpMInEtrEqTQGawgjNEHwRYm_RtQVtA1ilt1GGuzCSNUHGKzp6HUilZX2GtYJ6itdK0A&bo...
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPJTiVt0imEx0Kdr6O7PPkcVY7PpMInEtrEqTQGawgjNEHwRYm_RtQVtA1ilt1GGuzCSNUHGKzp6HUilZX2GtYJ6itdK0A&google_hm=ipZ1FWbN950AAikABlF-bJ6Xi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPJTiVt0imEx0Kdr6O7PPkcVY7PpMInEtrEqTQGawgjNEHwRYm_RtQVtA1ilt1GGuzCSNUHGKzp6HUilZX2GtYJ6itdK0A&google_hm=ipZ1FWbN950AAikABlF-bJ6XiA%3D%3D
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f3-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPJTiVt0imEx0Kdr6O7PPkcVY7PpMInEtrEqTQGawgjNEHwRYm_RtQVtA1ilt1GGuzCSNUHGKzp6HUilZX2GtYJ6itdK0A&google_hm=ipZ1FWbN950AAikABlF-bJ6XiA%3D%3D
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E74D
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEBS4s_lKgtwcmhYp10ayZZY&google_cver=1&google_push=AYg5qPI5WRhtZ04WQ0Nc0hWQR8_EMlX1yJgGApUP50xGB-6utGp4_E0cCFMmxQifQCPnS...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPI5WRhtZ04WQ0Nc0hWQR8_EMlX1yJgGApUP50xGB-6utGp4_E0cCFMmxQifQCPnS9nk3i5lC1TGTBQnthDoVsWw6LMcGQ&google_hm=QV9CTlZ5UmUwV0JvaWZQYjJHY2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPI5WRhtZ04WQ0Nc0hWQR8_EMlX1yJgGApUP50xGB-6utGp4_E0cCFMmxQifQCPnS9nk3i5lC1TGTBQnthDoVsWw6LMcGQ&google_hm=QV9CTlZ5UmUwV0JvaWZQYjJHY2c3dmc=
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPI5WRhtZ04WQ0Nc0hWQR8_EMlX1yJgGApUP50xGB-6utGp4_E0cCFMmxQifQCPnS9nk3i5lC1TGTBQnthDoVsWw6LMcGQ&google_hm=QV9CTlZ5UmUwV0JvaWZQYjJHY2c3dmc=
Date
Tue, 18 Jan 2022 09:57:20 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame E74D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
  • https://sync.targeting.unrulymedia.com/csync/RX-f3ff4f30-b29a-42b2-b2eb-415d4d5ec4c7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIJDEoaX5aj6TbCtp_OD...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIJDEoaX5aj6TbCtp_ODS69wJED0aAqTxpUn-yJSXNjQtnkkM1j5_-_wzyrWHVN7HzopyPjF6SPcdc5qvO857JN-L0XZc8&google_hm=A_P_TzCymkKysutBXU1exMc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIJDEoaX5aj6TbCtp_ODS69wJED0aAqTxpUn-yJSXNjQtnkkM1j5_-_wzyrWHVN7HzopyPjF6SPcdc5qvO857JN-L0XZc8&google_hm=A_P_TzCymkKysutBXU1exMc
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIJDEoaX5aj6TbCtp_ODS69wJED0aAqTxpUn-yJSXNjQtnkkM1j5_-_wzyrWHVN7HzopyPjF6SPcdc5qvO857JN-L0XZc8&google_hm=A_P_TzCymkKysutBXU1exMc
date
Tue, 18 Jan 2022 09:57:20 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf3ff4f30b29a42b2b2eb415d4d5ec4c7003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame E74D
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEGkTsNV0JDC1-KpBjpFwzac&google_cver=1&google_push=AYg5qPJxCn5Hcnt5xTsMBXH-HgY7qmNYgvIWnZrb2fWDRtBPQLJMWCbS5eGpUxHMqKgdNW-b16Wr7aPnShvLWtkgCC_RkhktLA
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NTAxNDM5NjA5MjE1MzAwMFYxMA%3d%3d&mn_hm=Mjg1NTAxNDM5NjA5MjE1MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJxCn5Hcnt5xTsMBXH-HgY7qmN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NTAxNDM5NjA5MjE1MzAwMFYxMA%3d%3d&mn_hm=Mjg1NTAxNDM5NjA5MjE1MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJxCn5Hcnt5xTsMBXH-HgY7qmNYgvIWnZrb2fWDRtBPQLJMWCbS5eGpUxHMqKgdNW-b16Wr7aPnShvLWtkgCC_RkhktLA&gdpr=&gdpr_consent=
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:19 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjg1NTAxNDM5NjA5MjE1MzAwMFYxMA%3d%3d&mn_hm=Mjg1NTAxNDM5NjA5MjE1MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJxCn5Hcnt5xTsMBXH-HgY7qmNYgvIWnZrb2fWDRtBPQLJMWCbS5eGpUxHMqKgdNW-b16Wr7aPnShvLWtkgCC_RkhktLA&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 18 Jan 2022 09:57:19 GMT
/
cc.adingo.jp/adx/push/ Frame E74D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEApzEhlFJIn-K_V6-254Cd4&google_cver=1&google_push=AYg5qPKis4SaMyXk0T7g8-UEN0d-DkvQ2lKRf_sunPs-lcWIogWesHVJ_USHfwcdtdOBQSibPX2QjtXwVvqiuO6mTk7pwsf7hIo
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.165.177 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-165-177.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:20 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame E74D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jvfns7hvOW3-xPhvQCgEMmk6Kqt-zrd22rCJXZ3QSsRcVUOgWxyR7bA29KYevNhztNjD1y
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
728x90_D_WD_Interest-Fashion.jpg
s0.2mdn.net/creatives/assets/2373736/ Frame B183 		15 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2373736/728x90_D_WD_Interest-Fashion.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/it_IT_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
809555be35c4964c0f7cd249d9d7cd6d435cba5a3a96f38efb73582f9fa25a3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
X-Requested-With
XMLHttpRequest
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:53:07 GMT
x-content-type-options
nosniff
age
252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15083
x-xss-protection
0
last-modified
Tue, 08 Oct 2019 09:25:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 10:08:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3298 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:19 GMT
blu.png
s0.2mdn.net/9080513/1640100692999/images/ Frame 95B6 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9080513/1640100692999/images/blu.png?1639503853250
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68515faff3ba3010c5e3f5e384fbcfddbdea453f9702afd289ee2d700a42599a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 08:42:49 GMT
x-content-type-options
nosniff
age
4470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6468
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 15:31:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 08:42:49 GMT
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame E444 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71d1e8fb8ca448a380401b306f451d64efd8d4318d0204ffc5ca6db3c22fa611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8787
x-xss-protection
0
like.php
www.facebook.com/plugins/ Frame B496 		48 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=382287608570983&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbeff7d93ff9d%26domain%3Dwww.farfeshplus.online%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.farfeshplus.online%252Ff378b3b32a76e08%26relation%3Dparent.parent&container_width=100&href=https%3A%2F%2Fwww.farfeshplus.online%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=50
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=0acc037d259e860421290c8fdd480610
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce969297349c7fcfcaf16fb5e8596ce2043baa3ff29d72067b1e2ab41eaffe53
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
0pUcvgXJGqQNjaB+UN8eMYHt1bJOWfNs1ZsgWLfkDWUeb+cmh71QAoSU0fnduCsrH/KjDNgsblBQnHTIXd6nyw==
date
Tue, 18 Jan 2022 09:57:19 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame AB58 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
style.css
s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/css/ Frame 3298 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66efedac4b5a4bbb9912fe11037164b0f975f444263aab6f7e6fe89ca75819e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 06:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2338
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 10:10:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 06:59:59 GMT
jquery.textfit.min.js
s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/ Frame 3298 		1 KB
686 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/jquery.textfit.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 16:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63547
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
648
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 10:10:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 16:18:12 GMT
nhdynamic.js
s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/ Frame 3298 		35 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/nhdynamic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d74bee7fd7f696f1d12267064500896b813520e0eba8b058c9895e9f13d12130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 06:04:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13993
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5589
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 10:10:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 06:04:06 GMT
youtubeApi.js
s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/ Frame 3298 		1 KB
484 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/youtubeApi.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 06:10:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
445
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 10:10:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 06:10:44 GMT
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame 8A8C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8458 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTtXSsg2iqfW2g53gAsq5HaZKb0nf0990WWXYUy8FhPLxZiXqL9Zt8Xsnb_EnbtCyX0V_DXn8tyfQgzMmXXOX81vRjgCaDo8WUIdWPyoDCdBsoyh0ZTw&sai=AMfl-YRfn_t45WgGmzkbGv6NwpntuUNMdo8dmMe-jrw1xgAfYAf7U8CcB6EW-7jmguwTrlEM36I2698bns7pkETF6fFYl9dEWzGztvj8kGGAWbfE0ZoE2kicD87-smEi&sig=Cg0ArKJSzEbvgF6Oq2bfEAE&cid=CAASEuRok8HxHJbsjTN3xH9sYp1rAg&id=lidar2&mcvt=1094&p=1110,436,1200,1164&mtos=1094,1094,1094,1094,1094&tos=1094,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1254606430&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642499838292&rpt=1527&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4E33 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstEn6qUttwmVKDU8NGm_0el8t-U-d3013P1_e2VyymQL2NdAC2L0LPY0Bho7uMdXRqO5bBI3iAdJ8TfBe8KxKfjS0PyW4dAF3KZQy9dqeUzg-SCp-GxQ&sai=AMfl-YTJfDfxuYP5zN2kgh_mRaswQW5LfGr3LBbvQvaC6ZmWeD19u4cyx5_kFhSzlRIV0ryG2wEmyjCk1eoIWYRc0C7dC3AoXi7B9_GT3tjDQOM2Z0hDrCBxCLzwvOA6&sig=Cg0ArKJSzB2fw59NhkmVEAE&cid=CAASEuRofA9oR6PyfG0gLAEWClJN8w&id=lidar2&mcvt=1095&p=300,1440,900,1600&mtos=1095,1095,1095,1095,1095&tos=1095,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3124540693&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642499838339&rpt=1506&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame F1B5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1231661633440980&plah=www.farfeshplus.online&bust=31064017
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:20 GMT
dt
dt.adsafeprotected.com/ Frame 0C38 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=919015&asId=eaba1760-563e-c9d1-4df5-9123dc4ce96a&tv=%7Bc:1DPjSx,pingTime:-10,time:2012,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1642499840554%7C%7C92487a8c2ba98ccc5829a419bac3b0bb%7C%7C8866308252d63f9bf74b74e606896148%7C%7Cea36767fb15989856dae6c8b0852999b%7C%7C9e03e36e9db26170f8a2c9332c022613%7C%7Cb9f35a6123c654a2fdf6771b02acd49a%7C%7Cc51f12ba64ae908d5d20fb25a833dcb5%7C%7Ce27ad9732738840bdb82d016b9309050%7C%7C1629390669,im:%7Bpci:%7Btdr:451%7D%7D,sca:%7Bspg:ed04b975-1387-be09-c711-eea4dfa77ae9%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:19 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gold.png
s0.2mdn.net/9080513/1640100692999/images/ Frame 95B6 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9080513/1640100692999/images/gold.png?1639503853250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58de3f552e2f8fc2ebb95bab95acf0e5c01752069b82bb3e0d5117f8ea426061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 08:42:49 GMT
x-content-type-options
nosniff
age
4470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8991
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 15:31:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 08:42:49 GMT
d7d33dec-5913-40a7-a805-287f480b8d04
https://s0.2mdn.net/ Frame B183 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://s0.2mdn.net/d7d33dec-5913-40a7-a805-287f480b8d04
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
809555be35c4964c0f7cd249d9d7cd6d435cba5a3a96f38efb73582f9fa25a3c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
15083
Content-Type
image/jpeg
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame FA2B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
v4_323303_12961.json
player.adtelligent.com/prebidlink/2737499/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/2737499/v4_323303_12961.json?cb=www.farfeshplus.online
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456249/wrapper_hb_323303_12961.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
c6e96965ed77b26547d2629ba2fee0898d31b4f2dac33ea90004f37f32ac1c25

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:20 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 09:16:50 GMT
server
nginx
etag
W/"61e68582-2d63"
content-type
application/json
access-control-allow-origin
https://www.farfeshplus.online
expires
Tue, 18 Jan 2022 10:57:20 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
it_IT_imageanimation_D_WD_Interest-Fashion_728x90.js
s0.2mdn.net/creatives/assets/2980226/ Frame B183 		39 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2980226/it_IT_imageanimation_D_WD_Interest-Fashion_728x90.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/it_IT_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28548f5be0493acd11bb3e08ad171effd70e8cbd4a5584c72302b40f11bb22ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
X-Requested-With
XMLHttpRequest
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22019
x-xss-protection
0
last-modified
Tue, 19 Jan 2021 11:14:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 10:12:20 GMT
green.png
s0.2mdn.net/9080513/1640100692999/images/ Frame 95B6 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9080513/1640100692999/images/green.png?1639503853250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9403a1bb6d0f6543447bd56c6ac2bab81b6207d2c460f7727cf42c697da790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 08:42:49 GMT
x-content-type-options
nosniff
age
4471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9060
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 15:31:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 08:42:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D251 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstO56OFZydjkx1VPuy_PmqWyClPliZ8np_RIJWwzbmwp7dPsdzlY74lL0lkA5ybgjphvOdaGX9iopwexUzukzf_0hXLM35yQZM5Sec1AYgxRgfqJMNDkWo5ZIi36jhColoEgyahczyglB8Q4Ntz75gyzfXecR5G31wum2nFk6qzTA&sai=AMfl-YRRAsltExjDGzoMqd0lcjNLezl7A1iM8EHorbRlIYcBxFL6H5TEigWWDLVjI08lU6XoIZvZgo-YtKAE&sig=Cg0ArKJSzF183J90N9VwEAE&id=lidar2&mcvt=1078&p=0,0,600,300&mtos=1078,1078,1078,1078,1078&tos=1078,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1530395088&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642499837599&rpt=2570&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame FBA2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=53543019-a909-13b6-d172-c01f8fb4bbdc&tv=%7Bc:1DPjWU,pingTime:-10,time:2014,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1642499840554%7C%7C92487a8c2ba98ccc5829a419bac3b0bb%7C%7C8866308252d63f9bf74b74e606896148%7C%7Cea36767fb15989856dae6c8b0852999b%7C%7C9e03e36e9db26170f8a2c9332c022613%7C%7Cb9f35a6123c654a2fdf6771b02acd49a%7C%7Cc51f12ba64ae908d5d20fb25a833dcb5%7C%7Ce27ad9732738840bdb82d016b9309050%7C%7C1629390669,sca:%7Bspg:ed04b975-1387-be09-c711-eea4dfa77ae9%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
iframe_api
www.youtube.com/ Frame 3298 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/js/youtubeApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f44fc673df1581cce8e297b59ef738336d5abc66c0f9c269db42da0cb69afc65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
expires
Tue, 18 Jan 2022 09:57:20 GMT
63009_20211126073605682_background_728x90_1.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 3298 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20211126073605682_background_728x90_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f765390b644643c89da0c07b382b3a0897ff2a33dcae4da86bff0bf9cfbd81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:01:32 GMT
x-content-type-options
nosniff
age
35748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24363
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 15:36:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 00:01:32 GMT
63009_20211126073608842_background_728x90_2.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 3298 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20211126073608842_background_728x90_2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f765390b644643c89da0c07b382b3a0897ff2a33dcae4da86bff0bf9cfbd81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:01:32 GMT
x-content-type-options
nosniff
age
35748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24363
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 15:36:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 00:01:32 GMT
63009_20211126073612940_background_728x90_3.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 3298 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20211126073612940_background_728x90_3.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f765390b644643c89da0c07b382b3a0897ff2a33dcae4da86bff0bf9cfbd81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:01:32 GMT
x-content-type-options
nosniff
age
35748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24363
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 15:36:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 00:01:32 GMT
GothamNarrow-Bold.woff
s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/fonts/ Frame 3298 		80 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/fonts/GothamNarrow-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/css/style.css
Origin
https://s0.2mdn.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 11:23:45 GMT
x-content-type-options
nosniff
age
81215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81884
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 10:10:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 11:23:45 GMT
GothamNarrow-Medium.woff
s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/fonts/ Frame 3298 		81 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/fonts/GothamNarrow-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/css/style.css
Origin
https://s0.2mdn.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 18:31:02 GMT
x-content-type-options
nosniff
age
55578
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82744
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 10:10:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 18:31:02 GMT
flecha.png
s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/images/ Frame 3298 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/assets/images/flecha.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
316c626585650b118dc2ca02a311b72962a5d160f89a3b686a942548cea022d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/44032289/20210816031001656/creative.html?e=69&leftOffset=0&topOffset=0&c=8FaVaRFRv5&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 06:00:53 GMT
x-content-type-options
nosniff
age
14187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1035
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 10:10:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 06:00:53 GMT
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame B496 		400 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=382287608570983&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbeff7d93ff9d%26domain%3Dwww.farfeshplus.online%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.farfeshplus.online%252Ff378b3b32a76e08%26relation%3Dparent.parent&container_width=100&href=https%3A%2F%2Fwww.farfeshplus.online%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:20 GMT
x-content-type-options
nosniff
content-md5
uF0RL4E+h23ClLQmPOTTMw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
400
x-fb-rlafr
0
x-fb-debug
sWWhEBACuJOMV8udP5+R2bvmJQDW0XunWg1ysVpDEdekjCdE+WVsvhgXD4zSD4ULsqr4k2SgBXmCSIq2GBXWuA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 11 Jan 2023 12:45:16 GMT
js-animation_it_IT_imageanimation.js
s0.2mdn.net/creatives/assets/3389262/ Frame B183 		75 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3389262/js-animation_it_IT_imageanimation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/it_IT_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
438daab5377de93d93617bb1149793ab1b804b7871b32e9b36e89b2baa43bcbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15669929445323564715/index.html?e=69&leftOffset=0&topOffset=0&c=gNPp4LbTL4&t=1&renderingType=2
X-Requested-With
XMLHttpRequest
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20098
x-xss-protection
0
last-modified
Fri, 22 Oct 2021 10:19:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jan 2022 10:00:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A077 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bhl7D_I7mYePGHf-BiM0Pw5eV0AQAAAAAOAHgBAI&bg=!YGOlYyfNAAaocxMpqHM7ACkAdvg8WukbEavvEUVnDX4YeH1yLIhMSF6dZJkZOnUL3tJs_-KyeytppwIAAAMVUgAAAAVoAQeZAwiKde9KAmq7DKS96E3gvpZhMTcgTUpOXcdQlCi2x6s_DQFc8ZYjjyuyer7697xEvOwYVOgpV_Qno50W_3FY-ETDU2Obd7-hp_SuWkFzdKo9tXAlyIa0WGK3O0jcKOlSajQdfDEPRD9-NAhcITBWljLWWz9K74FPYKm1_Q7i0U6bQou0jASteUIplNZqXDOjKh9GjrlTcWl6Iy-zNu5jgxilFOZI3PtDkKeNSGdA-98XggMsyRHxeyjxOfHa7eGqmU1d1HcpXJKzguDSaHfrCyE68PCvxcs9gLIwBHwG_4FnIF4HAe2HGgG1o6Vq_OpniCv9mK-uM8Wpq5uJ4Rjd2pYq60YVGlaZpKEANyGbTzHtTL-qUc8uvruwFL24MU-Wnl9oXCHqJMypEx1r34crW2VzV21O50SkDWlJkP4oG6Nc6UVJ9HoVCcv6lo8bfiXnJ4Fvwf6JhbYOILuAhPc82KPzZYKyOezmNlZfmKSwkw387pbuZHt7Vtfdiv8QEakfowMJy9ecR9fjzPx9wxnu3wsn7XhjuFPjAHQdEH6RJ4BTtlxlhZ1ydNqAhgXs5vCTQZk42UGdTaT-Ox5kjHc9ooq2XqrlSBV5jFbjM4lUsUBQQxHzxjlIU_VIe4S49qIEjaf5bgJ6d6Jt84QjUXnwTS0B9VtFwSa1sXWNAyH39h4KL5xQnuzY0y-AKPsxuqdsrVcRvtlcweBXnnmXEA_XxUdXryBjtIy8SYZq_7RUfWFXXj5SOUA_2NdLXfRgZ-P7g2g2BdQed0F7JblCK4IuUmLIgHHIETW9EpHjGooA81m6aXwD3xDk5C57FRe6-BEiqI7tCsQi-BHeTByzRwUqEQql8wQASt02SAQM6KgLJwhHB6q3OB43gbdswZpoGJqXDB7TPZpYLArZasLmqWG7amg9khj5zt_tadLSjKNGo6nLsAQgIBX3tJcBCORyrqVXqvvMUiFa7j7aZuRn2MqhO1Pyk1eBFzygIvKRuql2nCX-SEoXhw-UA6vFrQJhuLJgvbm1F3XBfCft9Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B183 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19ff70e284646d02fc1e21d6fc9f1bb2586cf2153807480af67b46b389c76ed6

Request headers

Referer
Origin
https://s0.2mdn.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
yeDV_yBDjcV.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yc/l/en_US/ Frame B496 		518 KB
135 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yc/l/en_US/yeDV_yBDjcV.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=382287608570983&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbeff7d93ff9d%26domain%3Dwww.farfeshplus.online%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.farfeshplus.online%252Ff378b3b32a76e08%26relation%3Dparent.parent&container_width=100&href=https%3A%2F%2Fwww.farfeshplus.online%2F&layout=button&locale=en_US&sdk=joey&share=true&show_faces=false&size=small&width=50
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50e73b9f587cd1bf6fbe917157bdce177fb178ceaba7231ed433394a8e2bffbf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dVkFVvKRO2+iaAFL3ep6NQ==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
138557
x-fb-rlafr
0
x-fb-debug
s43zUBG00gZ6vEHPP1EcfFnKElrvlKxOgxsSkIH6qhmr6ZRJOaYQuhhkymAR3pcgNrUYgo++8iupQuOJ69uMTw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 12 Jan 2023 18:57:08 GMT
logo.png
s0.2mdn.net/9080513/1640100692999/images/ Frame 95B6 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9080513/1640100692999/images/logo.png?1639503853250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d96e62d2100dbc3307dfc120ccae358500c4f2075315684fd703e35838e24d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 08:42:49 GMT
x-content-type-options
nosniff
age
4471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1281
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 15:31:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 08:42:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9649 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 09:51:14 GMT
expires
Wed, 18 Jan 2023 09:51:14 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
366
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A4BA 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ba1b0d40f6d45aafed9707d8dbc41c7b13307fbc7675cfeabcf03d3b61f1bf17
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FyonQA17rGSUdoZYCfM7JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 18 Jan 2022 09:57:20 GMT
date
Tue, 18 Jan 2022 09:57:20 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-FyonQA17rGSUdoZYCfM7JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cdb
bidder.criteo.com/ 		18 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=98568525569
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 18 Jan 2022 09:57:20 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.farfeshplus.online
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
c
prebid.a-mo.net/a/ 		0
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.farfeshplus.online
date
Tue, 18 Jan 2022 09:57:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
8
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		19 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:20 GMT
X-Proxy-Origin
192.145.127.217; 192.145.127.217; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cd72793f-4908-465e-8476-a9e76ef3b40e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.farfeshplus.online
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid-request
onetag-sys.com/ 		15 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.farfeshplus.online
date
Tue, 18 Jan 2022 09:57:20 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
pbjs.e-planning.net/hb/1/2e43c/1/www.farfeshplus.online/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.farfeshplus.online/ROS?rnd=0.532819559271738&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&pbv=6.7.0-pre&ncb=1&vs=F&crs=win...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/www.farfeshplus.online/ROS?ct=1&r=pbjs&rnd=0.532819559271738&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&pbv=6.7.0-pre&ncb=1&vs...
516 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/www.farfeshplus.online/ROS?ct=1&r=pbjs&rnd=0.532819559271738&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&pbv=6.7.0-pre&ncb=1&vs=F&crs=windows-1256&fr=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&e_pubcid=21af23e7-1873-4ee7-99d9-83f365bb03dd
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
d6407d8034c3640f0287e815a40ff888cf9f8018650b48685db12f7c18221579

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:20 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.farfeshplus.online
expires
Tue, 18 Jan 2022 09:57:20 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
516
x-sid
AMS-743

Redirect headers

date
Tue, 18 Jan 2022 09:57:20 GMT
server
openresty
access-control-allow-origin
https://www.farfeshplus.online
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/www.farfeshplus.online/ROS?ct=1&r=pbjs&rnd=0.532819559271738&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&pbv=6.7.0-pre&ncb=1&vs=F&crs=windows-1256&fr=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&e_pubcid=21af23e7-1873-4ee7-99d9-83f365bb03dd
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-743
arj
adtelligent-d.openx.net/w/1.0/ 		73 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&ch=windows-1256&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e844b0db-4125-4419-ad1c-20d0fb1a0d00&nocache=1642499841693&pubcid=21af23e7-1873-4ee7-99d9-83f365bb03dd&aus=300x250&divids=div-gpt-ad-1642499841544-0&aucs=&auid=541177132
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
9cfc03182741e04ceb03550259f7a8fe11705b541be29f199523b64b886a49fa

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.farfeshplus.online
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		60 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
ccbf3d6c0e7f14cb9db065aa01fa77191af473859bc389040fe3d9321342c726

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 18 Jan 2022 09:57:20 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.farfeshplus.online
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid-request
onetag-sys.com/ 		15 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
ghb.adtelligent.com/v2/auction/ 		425 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
cc821cb54ae0f13f9a67b5775abe0c0dbdc56acad4cdc0b4d9c91d45c7cbb7e1

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 18 Jan 2022 09:57:20 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.farfeshplus.online
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
300
cdb
bidder.criteo.com/ 		18 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=4842785209
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 18 Jan 2022 09:57:20 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.farfeshplus.online
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
bid
ap.lijit.com/rtb/ 		24 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e14487be0d0baa80ccbf25b0bf11eefba6b6f7bb9e66198e144f9f70e6ad65e4

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 18 Jan 2022 09:57:20 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.farfeshplus.online
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
c
prebid.a-mo.net/a/ 		0
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.farfeshplus.online
date
Tue, 18 Jan 2022 09:57:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&eid_pubcid.org=21af23e7-1873-4ee7-99d9-83f365bb03dd%5E1&rf=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=e844b0db-4125-4419-ad1c-20d0fb1a0d00&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6936200122092047
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
70e62c171d4a01b1c49ebdd59fc85b5700e2c2fe37b6ec27c67affb6a2eb2277

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 18 Jan 2022 09:57:20 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.farfeshplus.online
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.farfeshplus.online
date
Tue, 18 Jan 2022 09:57:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
visual.jpg
s0.2mdn.net/9080513/1640100692999/images/ Frame 95B6 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9080513/1640100692999/images/visual.jpg?1639503853250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
665a3b745b738f0485d71bbda25733c5f762d1405acb1851b3f7ea65e4689a8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/9080513/1640100692999/DISP_160x600_ACQ_na_AQ_Multicard_2021.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 08:42:49 GMT
x-content-type-options
nosniff
age
4471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13093
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 15:31:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 08:42:49 GMT
D_WD_Interest-Fashion;strtype=2
ad.doubleclick.net/activity;src=10960539;pid=322830967;aid=515298652;ko=0;cid=162732086;rid=163172942;rv=1;stragg=1;&timestamp=1642499841751;str=LH/NULL/326/amadeusBestPrice/ Frame FBA2 		42 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;src=10960539;pid=322830967;aid=515298652;ko=0;cid=162732086;rid=163172942;rv=1;stragg=1;&timestamp=1642499841751;str=LH/NULL/326/amadeusBestPrice/D_WD_Interest-Fashion;strtype=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/18da33ed/www-widgetapi.vflset/ Frame 3298 		149 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/18da33ed/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2796e6b6d08fe158da147e14d704783027bafe912d9d30dd28b3480380a9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
1113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49396
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 01:19:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 18 Jan 2023 09:38:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DF2A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlkeC_Y7mYY3SG9HogAf4oayICAAAAAA4AeAEAg&bg=!6Oul66_NAAaocxMpqHM7ACkAdvg8WoZwITlSokwmznnpIsS0pAw076_Jyd4ovFFrxKsdWsq5Fwn4PgIAAANzUgAAAANoAQeZA2JVffJzlTRVDhTQBGkYivqvQmpjl1V2pHhfgI1TELu3E9lBWrO3KX1VJFK2hfpnEJBaoANZFGM7f2guH8zYJExvrqkF0S6Ei1jagh9-wRirNhCbIWcoZRxQlRS0nhJ7ARdVHDNdmMw0RYVQHlWA-ISFbMFuK7LEAno54icBwgwCOdeqLCRMYgDLjpy1uTkuCFEH4dNLqVfpH7w-IXigJUfGdIPV9D1sb-urE1Hz6qX99Bmr8u8mE6rqNEaQX5PiTLXDCPNygK_FmtTbmZTLaMPZAfDycnk6MUgI3KxtL4SuYzUi7essj4SKQzCrAxH3flPXOKzKHf5xGDJJRJVuPsVWfuZx3kikP_mbpjRI2U9JXYnq0B2iBTlljpTYbAsZ9b_L4p5TNzoUF_9waFPqcvxM_9q-uwCV_yx6qhNpUndNtyR7GzSMISICeABoPBxmZO8V_-4DS6pTqWvN686AJ7m-80Yh6KVxTRTYWASICNUoFLHqtKs2W6FaGHuD73G1E3KC_TQRr06HR8TECSRvQRtwiI5_pQAJZbjWn3NsyM1CrOl1KUXAQuIzOYVvqxhwfGUHBrLn4VmDZNpFdZ4VhdBGxrwFHQtugeZBhZItLxUGL1fRstHyeGkreQWDjnnZFHRnJRL5tPUbDW9Iha7qlwEaLU0GbtaBjt3sTFkfdHwoMgGBNec39dLQRKNDEqv4AmEF2W-3epJSLmSd6kWUYKCZevSIKhoW5zEyzGkBMxGa2pDmVH3xFFcJGYNiqzmH_mJQU2AUNivTQApuSV1raV9Mmc5IAlQBytNccoT5IRu-Q4hIEHniABz51zIru8mkxt8ECsBTnoX_q3siDksZzTCgOmeIl50lYlDE6RunFVWGOu_t3UiGJY2jSBEx8SljBogAADGzDWCH3dvRXt-8J2B_0o2cmWOG3nt4_2IH9WIHuimrzwJiWWswlg2cTj5sfvq_OH6ZbPOwllA90depjK85PnplELjt5RHo05WWOw1yjZjVM6atOpE-n4zmQefTuiAh_WjBDXcZXJxrqSN37IvlYy0LbSudH2v6AGx2apKBxOxEOaVKp0PGd0evFD160aSWG3g1JM_Yfg7xnoeUsDBBqNmmymfoZazHvo5-seZ1lI8j47isyg-c0X4ShuDTO62JMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B5E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPg1f_Y7mYcfgCIXk7gPq05y4AwAAAAA4AeAEAg&bg=!qaqlqu7NAAaocxMpqHM7ACkAdvg8WgVHpec1Lo0VNNHOq3Q6SS6qRWLpp_eHzamP-xq8sG2LBo5XIwIAAAOpUgAAAARoAQcKAGB3OFhdT_whMeVWUabyDuCfFzTtjF_v2fonZczDUkkBZLzuqfv0JuF3wADD8XIGQW2ptHBl_o6SPW6MT_So7UUmpBpobf1ngQNfH1Gk9Dss8xb-dqxIeM1o8wtGHgTzGliZAwDfn3Om_LAlvpyU7JehlVSxFgmPhVzMlZUvDbQt-EtMFnghpY4m20_0NfZ0s9w2NiGgkY64zRj4S1aqM_pfoWs49s7nuuqWygkqUhdzSJ5Zg0seN9wYca4DjonCNHzThcst-y0QkBaNoHPhsgMmYfNs9uM6zryUZNQ74HW_2DHVCisiZl69tmnBflksPZLY6BtcbiT2p51u0CiTDhUlHiM7hkVYZn3x6RWq16WaERlhJrCWFqiq_wcIk9N2hIzV0KPY_CbYkMyG6FdlvF0-nFXnBOJev9eMzyjb6Usm1yEWz9T1xWFgQyo767aEyXjlaI2BXj-o_lNzKYJx-Tw50bw1oTV9aaJhrtekQZDLP6e2JwJTNCirnufag2H_TKHn_wPgiLW5T5Wyj9xUXA-luHRDGt23tax096PE3N76JlIAuZ63X-PpFtyo2xIB_7jJl6_ZCrMxWwu5eWaapUFr-gYu-eBojyDcBP3LcNkgceZbCPcgigNmkdLLHjFdXd-mHTdg0a4aq3wAUWlFnWQpMgeJP5QIvJFONDoY19Y6Z27Mkw-ht6answkshvA7DjmvqS-9jYQRE51yMUfQ-1CmYh0UiBTXnFMbxvXwAsS4lIVbSoTkvybCRdFm-Iql__ik-giPX7N8QKEsPUkP5-EcawYFWwXX8S5ECI9K49ZQvSYyw5WCyBgS5Fq4rAoBwF4F0VfUm3Z0nuDXdSZG6xBhTAUbrroL37CXX9r5KDKTvxMUj1rf9Wr8xZhZuJRiWkjcpLWsMrVN8whQwtZnlTY3YxQ4ZArVTczrpi9JVQ6dykUZEmVuyhq7SWBcDyXPaZEmboRAZ7zWpHn-j8xOPpuRCJV7ux70TTf68PDLWD6CzlA1P5gjwKx5a_XMUfeibqi2BOMcc3TeVcaTRSydOtN0Uf9xSu47vtRUwQryuAKr4WbGDtHWc22yf16BS3qLofbgrAZvTPHwzXCufB5HKOf_WpSZ6YuGFgp6do4UpVl5YhgEmRIynMtnR4rVfF-T9_zRzZ8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A4BA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220112&jk=1708355280932279&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame 4E33 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=913323&asId=ed04b975-1387-be09-c711-eea4dfa77ae9&tv=%7Bc:1DPk8e,time:2610,type:e,env:%7Bnr_p:1%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:2610,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.41.40,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2601~0%5D,as:%5B2601~41.40%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:310,fm:sURrW8d+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1b.919015-59742583%7C1b1%7C1b2%7C1b3%7C1c.925113%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1f1%7C1g1%7C1h11%7C1i11%7C1j1%7C1k*.913323-59535428%7C1k1%7C1l%7C1m,idMap:1k*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame E444 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bl4SG_Y7mYYyKOY-33wPl9b6oBwAAAAA4AeAEAg&bg=!r6ylrOjNAAaocxMpqHM7ACkAdvg8WhpekFyusn5QpWaL8THiI-EJRGtB6u-hyulTVfGeXhiwalj0wwIAAANZUgAAAANoAQcKAAXkASKJg5kDAhUNx3nzhBWch2PKRdpkXbm5feZPGquYpvlUB8tc8uk7CmjKKN1ViQgt68bW2wj5WcnuoZwhvb79tl8QtvFf0SlOwKimXWOP3iQe1DPGfJfHai6U78tGhiURZ57gjwGxhLuoZwtCFKTD-qPaGjyvvN3Ov7M6o4FgAJrBtG1byUxv1pc0kv83iKuKCCXHNw7Zi_lh2RfYV5p4X8vLa9SEKYI5gfeCNaRODuPy7_UNVQRkikE-XEQDJ1Q50wI7e2JiczkwSn-Alr1caUrwcT4I7oSgxPJg0EBI6XuiSb0O1DYj15maM-I4oL8gGQHBbyjBIq4GejpfulUldSAkoQlIRLCMofwGxldCMLRv2i0cD39378GRQAPR6YqRqQ9GnVMAGEBAbYIcSOBHBtUrQwStCHqajQ1-r507_4p2CRLGgrZmikkdks5OhaMqCM1C-XB9ExZxxWNqMnYxfUNIebWyGKnKD1q-K-BoMyE7kVAjyHY8_MOyOR240CHx3aF6alprqipCKJi52A9Ah0SEI_ChP7WFB8kCALBlJchG0nxxhVnjQwcnmzSg_fXd26CWhR8E4qZ9cK4f2F3gHZ22docXin_dK0w6Uh8_xjLsD2IyxvkfILBI02MbqUTMwD8EdchwKRXWJMCrxsRV9zv9IUaqQ9LcGpWn1PwgzkFyvr0CnPEFVIZqAFNK4RU5pKtxZlCGaU-NMhIKIu9rFM8ktGW9b0JQZUPQng6ACuvgEYTVN-htAgDqfearB3Fq7oI2uIjkPFMkYTON4tS6n3kwtj7nXJhHthd6GLwco2TesHSdz9ZUXEUlanSY48UA5DelLkYPUGOaZIQ-1-egVliDw-wLuBBlOwXNHoBRQExSOxTEZcOXt62zKh-7YaqMfliJofV5gsSrRVKmHF_TKjq7APhqCbhUoL2gWMNtPqA7_P0ASJ0lCFkwfZULZLgn7WwNlYkdVNWQUJwXRAdL4czL-AdY7AfJ9W8mjxPyT-OydTg3rYVuXKrBgHtf7tkI3fgvjUVrdCsE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB58 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVD91_Y7mYcCAHceK7gOv5oP4BgAAAAA4AeAEAg&bg=!OTqlOn7NAAaocxMpqHM7ACkAdvg8WjXfcfSn7tZLAqFRrCKNWtmxmkwT64PVcelPpitdhjL-vG2GigIAAAMRUgAAAANoAQeZAxAOHrOeEgDkCkezfOrJJay32uTS1vjs1FwzDFnou20OPqCWrjmIYEETHM4M5rLtN9K8I7LYE7pCg1LkJiYqAit3Bh8E3Ud0D4C4OcTvUrtKQAa-SmBJslFg8Rji6m39SrvhOrJsg5bb-Dflk3ugDonlcSPGtK91HeRC3VjvitNzg9sE0SJ0HZeRpbkFpVTq_irVrvjS97fGrU_8hPbO5mLclABN-zy6O7rceIKVTKYrOpemB0NtQ6c2TgUhA8tSFTdR6jassY2YPKMnN2EIZcmVukAA7xiDozksaIjBVG3rLvT-mIpBbkancTC6BY2hsNSETtgLNqdFneC2_KJEiLWc4qBlJdE_S6vOM64Cho3jwkp0Wvi2oZwt2OvefvS5pqso-idpYLW5q2ZeudLZ7WszPzoQZb51RBbaiItvj5moHhGIFO2SiWuicObGWSuBhZcaSRtHFVOpuQhKvLGmi9IfX8-3oxCwe4lQQ34GGkNHMgjLPI_RMkHz9P2_0cUICIa_OEZKNhWmAvIN4HrtS6hYlae8t_3S1UzbYLfY_qjnFCHPm5K3r8oKWwbBvkJQRGz-LzWE8F5RW4yW9kPu5H_U3Wq2vs_pgt0z1v6W9hl5NI0Tqz2uiing7MT6Jpa3_oLHCMgY10dKuKQPx6MtEPigfEzQ0o4Xo4iTWXphSulf8BAoiEEFi-LsS2DKkGQKvjOm3df3nIFZhmD71dxTdq-QDyG00RB6muVO1LBai8YDpwMh-kY0L9gYhUd2ZwhElz2_GWJc3KFaO_81xPJZuO1LjLRhQE8p2oRKgEZ-ZsT436YDeEqBJK7zCXVbham5IEa0GZmyZdXV6QdBKvj-j1QyH0MqccvQvrHYzdyYIIpbito3lVH6_fwEr1iA2mHa7mfkYM2TRHai9e3qx16VqT0IKs9jaY0XpNdfVrA6jhSYrfPnXDzSZpk-OLAy3dchZBQ8l7ov5m4Lb5XeNaDA-fM9gbYOTHbDRhFgF-vmxQ74KYRN8hwXLFS02ZbKTVJ0oP4XZdqnTmrmmNnUv4u2v6Fw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.it/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.it/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.farfeshplus.online
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 18 Jan 2022 09:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1708355280932279&correlator=1734301378591779&output=ldjh&impl=fifs&eid=31061814%2C31063820%2C31063871&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220118&iu_parts=21939239661%3A22477364305%2Capl%2Cfarfeshapl%2Cdisplay%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie=ID%3D87207523970a3bf9-225674b222cd0017%3AT%3D1642499836%3AS%3DALNI_MbPpoiGKgvy5q5_729NZjN8SBomFg&bc=31&abxe=1&lmt=1642499842&dt=1642499842106&dlt=1642499836540&idt=970&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=1219&adks=270484219&ucis=x&ifi=48&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=true&fws=516&ohw=300&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
2608fa4b646b29b649bc0672de6f53580f22b8b52daadbd5a4a5bc1f5d0a3d18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9541
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E7F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBYTC_Y7mYc2hDNb4gQf7h5LIBwAAAAA4AeAEAg&bg=!Tk2lTQnNAAaocxMpqHM7ACkAdvg8Wj8KA8XvKHcaUn84YiNvCWrG7Wz-7kyOPlueEas7Ymz9hES6yAIAAAQ1UgAAAANoAQcKAHcHPWL9xEyURxRZkyvOa8rE7i1Y9TTTuCofHJaz3DqmgJcAXLx8KprMR3QxUuMbSLFBnJ0g_aZAr0Xdq_X3Fh8Pjz7jEhN4WrEz9N00v6fDQXbMwGh2XmNQTnchYDvLtk96-PSVsfMB-fOUMHNiHpphmhHQg3Bir5kC9ww5mcqUXhev0x0symnvLODnPJtGcVItmeAol_qVCTpQoSGS3oQtHhuakdbQYN_ZtaL12h2YTqTg0am1GvmE2vQbcYE0kdADwz2BgXlqF2ts9TcPYxqocgdTbBTSqfJafkTkpvOphM5JBJa-zukwQt88lHx1xKhtX8O6g9H5QmMhoRZY1CUs52WOCdTmisTbg3Dl8wsStf5ijxI7eiygbfNkLkbNG8mubnrU2sWzt2FBqBkita5rpHwssrsbKJCwMCWgd4jpkdc613u2iA9E22JhhHVBpRUf9Y55hHVLS3KGADMPduyBhXyowGFTCz_5WYxIHVRm9ejfnlK9BoYyWN_wsQaVIByCVFpdJ7wDaJvMj63Y7vSknINzluuSRIavogzKLkbJvVNtk-s9Rzpir-vT24FiaW5iYkZWEt0BHGuFKy0mFq_eux-w4MyGAdlRpK3Y6WIRWvt-bV1SCvQcxZdiqiQrT_rhtCQb7KNONLtvfp-jnB3y3nY9FPj8DfYhtIXdVGVChGn2C92MO-mjjE7BHpKF0goTjvV2qVnVyn6ZT88Wnfqbn7pTLo5EfBo8u2q8HqeQS6E8wGwc1zDCx_w7cne9bVL0w0BdFKap_pPeTWWrFTeH0V24cHUTVWyhDq1i5cAD_7yHrtoB-qd3cSzvRNdlv_N7zB9ivbj-1Ld3WKu2HBhP1zbS5Fw0WVRxO3450DuQdRfQegenebogWss1adUl-oN12hEsOqlmV-EUSTBcBwmDaPKfYSXXZ_SPdVGTZdKG1ArKGDHFuCBUY4neWAehlNquF9nNJ-Ffnozlaud3CRh5Pr7_Qx5obsOCWfToulbYHtPculjLNo7-n8BMweWI0eYRNQ-YsIR27VLCYnlU01IfyWsba6WYk-QjadoSJ_JMxq1GreHFY_LpozrAA6euvUWZ_aHoN-jFqoza_-r5GrnnrZptjLmcU3bPiyEifqY1fzb7bWqOBSsaXvh-Tr-Qo0bm6L9t9J5cRKPF3gMEGbAgnA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame 9649 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A8C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=By5Kg_Y7mYYDyHd2ux_AP6M22-AEAAAAAOAHgBAI&bg=!ammlaS3NAAaocxMpqHM7ACkAdvg8WlRQHTDo7gP4MNNe4OvrzeYK6C6q2O77BBo_rnGf2tV8WeKJ_gIAAAM9UgAAAARoAQcKAAEomQNBEvtT8HkN9hi19QE6UAu0nFagIzJD4v0N4tMoM5VuLk_PiMBJB0RxoIuWyyS_urCy9CEnFean1CrPN72_OUWrBDYatHXDcc2N-D9ghiEm1hjvWICnOSkGNKGxaWXSkyTraYFUnDjIJ_HPN3ycYXNMDVSW9thvH_Ap8pjHFKQ43oLxB3W1V8VIqPADAdvUgMrUU7WOHKHT1rlHNRVgUuGC4WRVNg2aGV_Z0jYzaWcHDVlLA_pdNN1TrOa2hqGBi6vumXnPcSMKFJ-Ih4hrCQPHX0MjqpTszJ1bLUC4DyMF7K1k5ARgTgA6kNcOw_kAXFSRxFK0XhmGPweRCS1I4hp7Ovo0bM06oUKcPm5RwB31lKTz_NPAEN2DPGM6yNFhuGArJy-xpxbvZPAWrjvNrEQlSQM-Gj1RK5_i9RCN04KuODmxXAogSeNMztrkiK7d7iyIGJRTPc2LhKLRYiVUroH_FK0eZMm-pcSONu2hKLZMIfS_wUykdMM35xMV6TXkQYlhANIFeNvYdMt2mSaNELra7FOX6NrHGCuHrKlVgNTrjHhOZWDTTJJvGx6MMVWOgANN54ZVKPZx90sM62ntwKNUMn7dD_IGPwiyZ-k8YuqESriA7JECGaDXgyExHvfrXe2uub4L-ofKX87lndH4JdHJmoF_zC-uRUWiuAtFdLB7JuBB_fvKdb-IQEEkn6n1cEu0BZ3xZeQxaKq-DpnyQZd7XJ5KUPRlt5vhTjSRvnh6hYrxuRC0jMnizfhw2Po_i30GtRrADU_euor7_1fMoWm-Rbhb94WDa3xgMz-rWF6rmt-5_ZnVgx-MBT6oQmuaB5aoAKr80HdAnd1Z1CdRzDyFIfZslYhOLZEDZBEL7SHLvhweEmElbJ8CLfFiwBFi8MnwS6P8Majey9yINIL03oWSImJtY-JSFdr5HPp9sIq1_gScVg_M04EynbfLD3-5OhUp7A0xleJQvzAbLZqfPfWAek5T-nGidi6jb5jhgCXg05A3d2MWN3KXPLEydRhjD95G9sPn7AFWiqqz0AoLJbvK9lhS1LeC8TvEOR-UPU-AyoDPNYHSbX7cQlJmm4XGMfGpsDIY28128ecPpRzHTojWkps
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 0C38 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=919015&asId=eaba1760-563e-c9d1-4df5-9123dc4ce96a&tv=%7Bc:1DPk9r,pingTime:1,time:3060,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:674%7D,%7Bpiv:100,vs:i,r:,t:2054%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1006,o:2054,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:674,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1405~0,0~100%5D,as:%5B1405~728.90%5D%7D%7D,%7Bsl:i,t:2054,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:284,fm:sURrW8d+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b*.919015-59742583%7C1b1%7C1b2%7C1b3%7C1b4%7C1c.925113%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1e12%7C1f11%7C1g1%7C1h11%7C1i11%7C1i12%7C1j1%7C1j2%7C1k.913323-59535428%7C1k1%7C1k2%7C1k3%7C1l%7C1m,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:21 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 0C38 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=919015&asId=eaba1760-563e-c9d1-4df5-9123dc4ce96a&tv=%7Bc:1DPk9r,pingTime:1,time:3060,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:674%7D,%7Bpiv:100,vs:i,r:,t:2054%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1006,o:2054,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:674,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1405~0,0~100%5D,as:%5B1405~728.90%5D%7D%7D,%7Bsl:i,t:2054,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:284,fm:sURrW8d+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b*.919015-59742583%7C1b1%7C1b2%7C1b3%7C1b4%7C1c.925113%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1e12%7C1f11%7C1g1%7C1h11%7C1i11%7C1i12%7C1j1%7C1j2%7C1k.913323-59535428%7C1k1%7C1k2%7C1k3%7C1l%7C1m,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:21 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 9649 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ig_YBw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220112&jk=1708355280932279&bg=!5uWl5aHNAAaocxMpqHM7ACkAdvg8WlSvCi_jBlnm6p3ZEUVrKcdcOlxWbKCblvseWWitM9LOXgbOigIAAABtUgAAAANoAQcKACWOLVeD9I-V7b69bj6f5OeCduWeya6-aCjQGznNKOXfAxzWF7kcmQLRNgV3VvI10exK2LsHJAoj24Z1iq0LjbGsF26mooz7k46bFt29NJQnQm2igE_veQNVrbpjuaIW8e_z6x2v-FBtVr5SVPDAnr3VLuCgUVdloM8T6J-xpJEMF028MwyuUqMEQ8v-SW4cIO_nXD2S6hai-zc6G_rJxQm_UvVJUAKTwQyz_wd6iR79zmopt0VqPrLvKm9v7l1x_GjK3KFRBYpI_UHsFLQoQd3R2DuTodKF6qititgsejWo1xFj_p1rfcTn4IYEnID0dmUfj7-hydaoQB-rracxQbhTV7c6rKKnjkudJfAMr-8YgtNnSLC0USK-NjdpwSF-qz--AN88iBeZYMWYZ3PXfjWsYzH_RMZncV2LdAMqB3vJM5Do1nXW4RHknssUvVG2W78WER0tsp42YkpXlnt2IIJzNa7WaPIK5ZQ_4yF-v2gLiZSRRnusjXtefcre-miorVXj2TOYP5YaCYqnRMaZHP-CVNOFHOCRDVWU3eYIz8_EZZTilygivQ-VqAQQ9IzOuXzkqNEgGNfi1dv3hl7EFnn9MVZ5-WVkmA3XsSyFgxMdRYmmPWfTT9-krnMt2YF1QoEgbvDXlRF8KALmVhk6VCi_UYisEpzV8svl8m4sfKpsu84Mk3OJPMhh7cz9whPXnjF9Qw5WXMqNGxcfvsEVJ3WqRvWQd5RgxojGp0HE35pEKOuDJrAdgrt0RMlMxBt3wDHmwO63azqsUvG1_gDT9jfZpEeUPq6xnArGr7_fKHzH4puKQIEk4isxUdOSCqTTTxFY5kY4n0D2kYUJjqF5QWqdgF__jlX-7re2efTY3iRUoKQm9kOB_BxVY6_D8RN9XgxGBTliWkRoOnbKTx0OjeT03uYeRlkOOQFkLszWt07XsH-Z8zxqsjPaoE414JwnXeoUnPLwRBb5nNk3fSqHtYRTl--wJZts8sUrwpixsqmXw-22fzNVoPqwHg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B77C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 09:57:16 GMT
expires
Wed, 18 Jan 2023 09:57:16 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9DA0 		398 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPUjgIQw9WUAhj3kYabATAB&v=APEucNVgYndRprl2QAFUf1Yx8JSbQpzqsux3U7W92uvQ5DRo9Iz-Wz_AOaFyKGIdLr5pYQ8tZ8Ct5XayrvvRKXsRvTYxxaU5B3US9DmKZKBmi5VBcTdqVwtcOTN7-ra8KYax5ZAn_ekzaNV5ytBFihh96F4jleAT3GCSx8YWR6pWKMC9yDj657o
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 18 Jan 2022 09:57:21 GMT
server
cafe
cache-control
private
content-length
258
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame B77C 		25 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bjaek5PV3x2Csrnk-dRBbj02jroLVFuUkjqddHKew7LMVIpH53XkYtz4DdXMupQC6pus-JiLoFDK_UfZODppgyia03QP0hB0tKWYFWV9Pyj7ee-w1mGNIN1XUvpBZvt828PcOac2BxUts8l44eal6Ekn5YHQ&cry=1&dbm_d=AKAmf-AvLwxw7pHj-EWKIRikRMZbqIYQZopsypFufQF2f4grqmKLO3QW4dM4sAmy-ReCGQLnSgbJbo2l9YbvaUJHw3vsMcucIbD0gvmx27cePA9nObTB5rGmCyxHw3D9X6Im869Uhvkrs9wX2gV-iZdV9ZEtVOn3PxW9vH887v0TZNfhX0JUxTFVhH-p3P2fCEk9CEBgpiDUrD4AIrzjy42V4E5yKvcIqZUxuVlfEBulKqNY0ais-xo-bWuQ9WQuLX_RW6oE39prD1pO8u1VagdhltBtnmu-iY7YMtkyn8I7nXmnSapxTMMz9pYd_xukcdBbzi9bqIslxjF4WkEiLFleZZO_3QbwigBzkK2qongR9YWchff5NBanvBKS3CGFnN8TXAxFvy1m9mcWFldv2AAjWO_0tO-lOpfTVl4auwOgcRwK-nfRGkWbC8BsqBpgS3701_GClR7Sgpw520Vfbf6S2QfhiApzdWbuLjAkHgscR7_VInSMwHaTxEPZWgeb6Bqj9I9Z4X1mx2nOtAvxXU7ymEqtYKntfu8dTMAufTv79kMR0mtN-Uhs2YLS9SfPpEPLRxYSS0qn7utLM9jm9s4nmfwu_jvGBS43kYhubgTeFJOpEzgGjMa1M-NJzTRfEG5oX5ogNVdsQwt08XiKhPBzOpFvJaPWSbFba_UKSqYUao0bCQmfQsCa-shRlvBPVeET2dY3f8jSlECj-Z4hYj6CDvsoaFtWpe5olfEJIYL2P93QDFYIOMtJWaLkhEsI6FAZsq6fvAgtwLgMnEQSyH5pVcb8B_bpQNv08FQobNDefA9QlEF9PRX_XhLF8aDWFvdyGvMtrhny0v8d526mYgo3LTBAOGSOOCsJCg5vkfARmWlEm09uV90p9mFmgwO5PC8UH8to-k340SYJae6SkpFnYehzPmIhGTmHYBAhbfuMceCXeyRNx9xDhWGlf1hU7G8T6Upm3EarWR7t-h4NNw5Epwy4qr2tP9MhkM63N8OQbzYrNFCvYDOkdJYXxO7NHDf9fdljYqWqToJ3eznj4iRnV0Dc2wmDaJw2KLpKoUvku25Ct2c0Wzol08_PNv7D7FT8yL_xsuHbdwMIk-6S-QIPYAHpTMlW_Ob9dpf6HrMB7WRxFLm4ySh8EbbTcqazKnylcIC0Z0c814ddLLlSOa8mSmrNYd046jf5BYNSSPQ1K5eiPZIRj584eubVnccc4SRAxyVNgH0Sk3Ojd2SlbXEU80W53iP94bi2UKNHqXcsFCuCwjH7kmDoduy4iUuMUabFy1sFB82AzDRwRhPKkgCs5Q0lC8InR-BTHtSBFIENp33LKUmnfmuXi6kszJUZMCk1BFvhwXVdEBntz3_8bpitp6miwGQ2XIv4ZYiHNr-Chdo1kAnMno8X910QHA271pdpFG2MsG2dqTaBDCxyBe6WMastQqaEBCJd4eXTczTzhhAkM93ZqpD-kYMK1buW8cc8Uxf7G4RJSDPldZt_25hYpwSoUr3LjTcxYVncMQnng1nE4A_b5scw600J6yjDKh5sfgHMEjQfFvf5u9zIlB2E8sPjAk-BFC6Ea1SkqAFFjJ8Ecb8c5x54W4hHfP_GyxBOgFTHn9lNvt9P_3M5JV1W9wbnA5kMfotftkZbNlKxMHsoj6jJMsTNLccDrvs0-8J9ITFfabaLbKbNcJc5TjDeAH7HXCSc17CI3m9OtLWsIwlwjprNbWDkBT3RfmjPHR-gblcH-_2mfIsVHPPLrjLDXjTaN2vcL4ezX-lT5VhqDI5rYIqmgKkDgpbR43RNswoJx6grFBGucl1cMfgZWtqBEQ9dxyzoRRASJfDMLeHCdiIZKNAGfHtn8Ewtd_MJtJZ6pij0P7PiCgBfh8d_K6tDu2rNP1NAKXkAhiuv709-TC8k2CCK1P3SD4YUM6iJGtMq3Bj_ilaMOC2Goo16BfthzyDCjCtgrUKpPzySRuyJAHdnhFoFYo7SvtGeUxzQicOd4hySJ-ez2F1pjBQy8IJaBA2D3Tk3R-HHPAfCfynhAgYzYmHVKJcV5iL5UnoWUlVsLWjcdALTjktVotJalNLWAWZRZSYlDNqg6mpRkJfaPN5aWAyyca2Tj2cZHjLI5SBfKlOSgEaXIB_xGyUCDyPSXA0_OIDffqMMoBnC5ZrMsXiP24g7ORS2oEQHkfNTHwvrOXspL9R5j3Imil5sgt2azTPfu7uvGPIO9XtT8vgAuhRCgjYCX_nDkrkNUu9fms4V3Zu0OViV9YnFGLedCDJkUp324taPl1PFvj38zAEdCMlGfKo3hesvbkdBbRfCXLHZsFjB8z_gSCo4BVERNZnd0GWC-o09pYxSCD0psYZEan_ruNdmwMg_VITYl3aYpHSmBD5Dxdjg2A7FmQzFElkTtm7iMxTGz0O7V8SLWB-zRDK3jUBWGC3o4anXRH5572JKghO_DKRGpDUQIUnnj402jcGiwKm6wc1ddtnVTZycrAAHxRKN5qodc07PLui6Bq048d01LFmAhKpQXtZjj9cq0FnKXqaLthOe_T-STgIp26UW8uzhtR8G7LzMcTAJmTFpMz8FRv5ZolOeszFIR2UX191f26J91uoKE8nyiGul-sGW2DaRjR7Cn21Orozsa58ZFLPROOYlO32gtYtNYix7ujtHp4_tAP-UZQwt4QoPUitwJuaTcKNPF4KB7bpQlZuz9SyaFvIkJCchHJxdr19_lHNstN1eH1b_98b-OuiuBlXve4oLfB33r9AI-SOV_AibFZn7zrgrc3zCKExGWSGXLr0IZG2NPsjSZSp5ri-fPsVy5ZnlG_hQpeHogA1xF6jirn5z_PQPdIeX11GwGunvLcmbksFiftvLSBA7klZ3mRnsagUQdivbojU3H1NJSwqHvfzlKU3SddIV3TM7rQwaA3I14Ypl_724ceECPk1HO_6H3hQN5aG1QpMWSm8jex_h9b6Ie6r-huX7zRrzS_bnWY2oNGJfctAi9dnKxDprOpgdr8vryI7qDIr2RMsa--mWitMlI1UzpT0sDibkNgbskkHc0Je1HYGO6FE1O1qvFnOFoIJie1nHhRErnB9-a3uCOojzyUHmI6QBz_jNyK2HeTmIe8etCzOdFMFSXbWQrzqkWCAyc7pqohQIONsUavuDAqxo5Hw5-ySEbWpCrOiZTSnCd5iuzO0DapUSH91ybhfjWg6lOKy5nuyhrKyr77QD8iKNwOMn-acBgGjdI8FP3mZg8PD4LnnEA-CCNRQTZtDeSGUhwtaOTLK3RsayqjsWqIG9hDeocHY1y31f6hiqYRgHSyL2uS9hZOJlLPnpPUR_YGyzqRo8I7RW_dfnHsPa4yd3qx3zBxeY9S9h7stRfKS5hF0uAs3p2Oeh2TeGi1ys4Q3Dx6uEFO659xExnudBrTJqBkBxnm-0KZYWI_nDpuSsCETPVPA3TxxbJBdn5hqHjawhP_fdyBK3nvyrkLVljl7_k0_CQ6Mo8T8Y7PoEJaO79c3iS5akQhzrimx5Ao5bnUxQ_4i4y5AazvsKWZnrzFYzcjpDm4zK9xhHc1UjG_PS7D9bv6S9fgJgsfzUZWbecD0hKcPPbAI32iyHrfJISfWet3Fu&cid=CAASEuRoSbuWAMRYKB3oUVvgRxn5SQ&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Requested by
Host: www.farfeshplus.online
URL: https://www.farfeshplus.online/FP45.asp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a39b3b2a8430a65a37ce70a72039526532d0f1afd977d0b65daa4607ccd0680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14521
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B77C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DkR5FcAgx8AlHp8VUzGUPHkbSRCXJzeslzpfh76leEec-r25C7Nb2vAPW8wU1shLUOLZXZmo6RjnQnT9p7Xc1hwIS3cl4CrdTpz7mvDUnoNuf47S8
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame B77C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=43265175;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Cq5-GAY_mYdYo2IDv9Q-xnKFApfPwt2fdr_L0iA23wLSykiUQASCosoV8YP2CkYToEaABmdvh4ALIAQmpAmWHOrSMHrM-qAMBqgSbAk_Q2H4CFSny47EsDMDCGNOPHM0OBq7GMZhy4kUsle0tzdzz6GVBGrgrPTpdecR6f4e8ukVDO_q-soHvkU0VE8e59FIJtCCIhL_yKvtRumxolfded1gzJD4F0dsWZZZe1hjujnSflpSs6g6HwaavLhZNzfxN2XWOz0uMLjm84hO3CSEmh3DNn3qebaOVHTsrL68M5dAzkmgKIjSefKxrbYZnaDBwDC3PKIvNtsxKPYX4RGJqlwLmsoDM0sBa0sR0ICGxD1RpqeF6OphP-AHDd9SIo-qfSDYyIgNHitYeaD_L_KZn-MyiuqjYcomt0L78Le-eVB7bvXS46U4umdmlMcvJ6-5lj9TqbxBbhYpMAciQD028bDKe5FuG-UvABMfTjpatA-AEA5AGAaAGTYAHz6SenwGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTUxNDY5OTkzNTIzNzk0NjeACgOYCwHICwGADAGwE-rI9g3QEwDYEwPYFAHQFQGAFwE&ae=1&num=1&cid=CAASEuRoSbuWAMRYKB3oUVvgRxn5SQ&sig=AOD64_1ZYPAUaZhPCRHiweR1SanLpPEj1w&client=ca-pub-2930805104418204&dbm_c=AKAmf-CTKWGd17uXItK0C-hvhiVOwUUT6SnyBP9P1wMf6FUQKYtfzuHDDaukIWuvZYzVWrBwQXq3dxaNCdQqxpuIZrOp8G1VJnnHZKLYSdvGObwI5ZD69qUyjLWdxpl99lZxk9Lf99Q9SqBoQjxiktAsNq1FrJVifQ&cry=1&dbm_d=AKAmf-Ah-csJZLXPNXx5ZayZTCwR0Rndyb0NVXTeGd-mNKs2xf6CWKLUPWj-BiPbfmr3tROEzTzYXe3hu3_aurFllA3K25qsFIlsrDhMlPJ2ku790FD3AtMoAll6pU9rJACoomVJAXWoZMTp3d-SfvG8z9KNie2K0rGa25p4voxOcvtQ5MBx8QVRtJUPfaHIJ5IgXpxSO6ffcW8ma6kaVkUf3eY8YdrZbaokpvLQAQdixoWQzdOyhebo1xLCJLgUv-DM1w9DOL0dXeY4UgSBS26QRNNHH1hZmF0WGADexmczQl8WdNJDcxor8Gs9FwnxK1JGSaX8PezEkIcZZt8FUexP1OWGzhICCSwyDjhSHzRfnmB1JwReW8yg6XTeeE6Z6-OxWQaO7BkM6wbCUM6z4DFt0ocIdxxPVYDP28JisXqUzsBki7cLzxtVEC1y0DQEl-rBIuGkVvy2CRgk3cPDsDzZrUu1gSA5rA&adurl=
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
a34e85e5de50f707ed9b55b8c7752fa7e964b3e169dca41b90bc2075ff7d0555
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:21 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2163
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame B77C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B77C 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 09:57:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame B77C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:39:25 GMT
l
www.google.com/ads/measurement/ Frame B77C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS359y41aIu2uTyNGwv2MufevhhM-RcO1n4WXWALunqY6vjEuGpBfqb7gTjrG6yEaI_unkiONj0KvalOzNUKdF36yjD1g
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
/
rtb-csync.smartadserver.com/redir/ Frame 9DA0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENZuzbXMw6bgYEbh0bB4QWo&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENZuzbXMw6bgYEbh0bB4QWo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPUjgIQw9WUAhj3kYabATAB&v=APEucNVgYndRprl2QAFUf1Yx8JSbQpzqsux3U7W92uvQ5DRo9Iz-Wz_AOaFyKGIdLr5pYQ8tZ8Ct5XayrvvRKXsRvTYxxaU5B3US9DmKZKBmi5VBcTdqVwtcOTN7-ra8KYax5ZAn_ekzaNV5ytBFihh96F4jleAT3GCSx8YWR6pWKMC9yDj657o
Protocol
HTTP/1.1
Server
185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:21 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENZuzbXMw6bgYEbh0bB4QWo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 9DA0 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPUjgIQw9WUAhj3kYabATAB&v=APEucNVgYndRprl2QAFUf1Yx8JSbQpzqsux3U7W92uvQ5DRo9Iz-Wz_AOaFyKGIdLr5pYQ8tZ8Ct5XayrvvRKXsRvTYxxaU5B3US9DmKZKBmi5VBcTdqVwtcOTN7-ra8KYax5ZAn_ekzaNV5ytBFihh96F4jleAT3GCSx8YWR6pWKMC9yDj657o
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:21 GMT
transfer-encoding
chunked
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame B77C 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bjaek5PV3x2Csrnk-dRBbj02jroLVFuUkjqddHKew7LMVIpH53XkYtz4DdXMupQC6pus-JiLoFDK_UfZODppgyia03QP0hB0tKWYFWV9Pyj7ee-w1mGNIN1XUvpBZvt828PcOac2BxUts8l44eal6Ekn5YHQ&cry=1&dbm_d=AKAmf-AvLwxw7pHj-EWKIRikRMZbqIYQZopsypFufQF2f4grqmKLO3QW4dM4sAmy-ReCGQLnSgbJbo2l9YbvaUJHw3vsMcucIbD0gvmx27cePA9nObTB5rGmCyxHw3D9X6Im869Uhvkrs9wX2gV-iZdV9ZEtVOn3PxW9vH887v0TZNfhX0JUxTFVhH-p3P2fCEk9CEBgpiDUrD4AIrzjy42V4E5yKvcIqZUxuVlfEBulKqNY0ais-xo-bWuQ9WQuLX_RW6oE39prD1pO8u1VagdhltBtnmu-iY7YMtkyn8I7nXmnSapxTMMz9pYd_xukcdBbzi9bqIslxjF4WkEiLFleZZO_3QbwigBzkK2qongR9YWchff5NBanvBKS3CGFnN8TXAxFvy1m9mcWFldv2AAjWO_0tO-lOpfTVl4auwOgcRwK-nfRGkWbC8BsqBpgS3701_GClR7Sgpw520Vfbf6S2QfhiApzdWbuLjAkHgscR7_VInSMwHaTxEPZWgeb6Bqj9I9Z4X1mx2nOtAvxXU7ymEqtYKntfu8dTMAufTv79kMR0mtN-Uhs2YLS9SfPpEPLRxYSS0qn7utLM9jm9s4nmfwu_jvGBS43kYhubgTeFJOpEzgGjMa1M-NJzTRfEG5oX5ogNVdsQwt08XiKhPBzOpFvJaPWSbFba_UKSqYUao0bCQmfQsCa-shRlvBPVeET2dY3f8jSlECj-Z4hYj6CDvsoaFtWpe5olfEJIYL2P93QDFYIOMtJWaLkhEsI6FAZsq6fvAgtwLgMnEQSyH5pVcb8B_bpQNv08FQobNDefA9QlEF9PRX_XhLF8aDWFvdyGvMtrhny0v8d526mYgo3LTBAOGSOOCsJCg5vkfARmWlEm09uV90p9mFmgwO5PC8UH8to-k340SYJae6SkpFnYehzPmIhGTmHYBAhbfuMceCXeyRNx9xDhWGlf1hU7G8T6Upm3EarWR7t-h4NNw5Epwy4qr2tP9MhkM63N8OQbzYrNFCvYDOkdJYXxO7NHDf9fdljYqWqToJ3eznj4iRnV0Dc2wmDaJw2KLpKoUvku25Ct2c0Wzol08_PNv7D7FT8yL_xsuHbdwMIk-6S-QIPYAHpTMlW_Ob9dpf6HrMB7WRxFLm4ySh8EbbTcqazKnylcIC0Z0c814ddLLlSOa8mSmrNYd046jf5BYNSSPQ1K5eiPZIRj584eubVnccc4SRAxyVNgH0Sk3Ojd2SlbXEU80W53iP94bi2UKNHqXcsFCuCwjH7kmDoduy4iUuMUabFy1sFB82AzDRwRhPKkgCs5Q0lC8InR-BTHtSBFIENp33LKUmnfmuXi6kszJUZMCk1BFvhwXVdEBntz3_8bpitp6miwGQ2XIv4ZYiHNr-Chdo1kAnMno8X910QHA271pdpFG2MsG2dqTaBDCxyBe6WMastQqaEBCJd4eXTczTzhhAkM93ZqpD-kYMK1buW8cc8Uxf7G4RJSDPldZt_25hYpwSoUr3LjTcxYVncMQnng1nE4A_b5scw600J6yjDKh5sfgHMEjQfFvf5u9zIlB2E8sPjAk-BFC6Ea1SkqAFFjJ8Ecb8c5x54W4hHfP_GyxBOgFTHn9lNvt9P_3M5JV1W9wbnA5kMfotftkZbNlKxMHsoj6jJMsTNLccDrvs0-8J9ITFfabaLbKbNcJc5TjDeAH7HXCSc17CI3m9OtLWsIwlwjprNbWDkBT3RfmjPHR-gblcH-_2mfIsVHPPLrjLDXjTaN2vcL4ezX-lT5VhqDI5rYIqmgKkDgpbR43RNswoJx6grFBGucl1cMfgZWtqBEQ9dxyzoRRASJfDMLeHCdiIZKNAGfHtn8Ewtd_MJtJZ6pij0P7PiCgBfh8d_K6tDu2rNP1NAKXkAhiuv709-TC8k2CCK1P3SD4YUM6iJGtMq3Bj_ilaMOC2Goo16BfthzyDCjCtgrUKpPzySRuyJAHdnhFoFYo7SvtGeUxzQicOd4hySJ-ez2F1pjBQy8IJaBA2D3Tk3R-HHPAfCfynhAgYzYmHVKJcV5iL5UnoWUlVsLWjcdALTjktVotJalNLWAWZRZSYlDNqg6mpRkJfaPN5aWAyyca2Tj2cZHjLI5SBfKlOSgEaXIB_xGyUCDyPSXA0_OIDffqMMoBnC5ZrMsXiP24g7ORS2oEQHkfNTHwvrOXspL9R5j3Imil5sgt2azTPfu7uvGPIO9XtT8vgAuhRCgjYCX_nDkrkNUu9fms4V3Zu0OViV9YnFGLedCDJkUp324taPl1PFvj38zAEdCMlGfKo3hesvbkdBbRfCXLHZsFjB8z_gSCo4BVERNZnd0GWC-o09pYxSCD0psYZEan_ruNdmwMg_VITYl3aYpHSmBD5Dxdjg2A7FmQzFElkTtm7iMxTGz0O7V8SLWB-zRDK3jUBWGC3o4anXRH5572JKghO_DKRGpDUQIUnnj402jcGiwKm6wc1ddtnVTZycrAAHxRKN5qodc07PLui6Bq048d01LFmAhKpQXtZjj9cq0FnKXqaLthOe_T-STgIp26UW8uzhtR8G7LzMcTAJmTFpMz8FRv5ZolOeszFIR2UX191f26J91uoKE8nyiGul-sGW2DaRjR7Cn21Orozsa58ZFLPROOYlO32gtYtNYix7ujtHp4_tAP-UZQwt4QoPUitwJuaTcKNPF4KB7bpQlZuz9SyaFvIkJCchHJxdr19_lHNstN1eH1b_98b-OuiuBlXve4oLfB33r9AI-SOV_AibFZn7zrgrc3zCKExGWSGXLr0IZG2NPsjSZSp5ri-fPsVy5ZnlG_hQpeHogA1xF6jirn5z_PQPdIeX11GwGunvLcmbksFiftvLSBA7klZ3mRnsagUQdivbojU3H1NJSwqHvfzlKU3SddIV3TM7rQwaA3I14Ypl_724ceECPk1HO_6H3hQN5aG1QpMWSm8jex_h9b6Ie6r-huX7zRrzS_bnWY2oNGJfctAi9dnKxDprOpgdr8vryI7qDIr2RMsa--mWitMlI1UzpT0sDibkNgbskkHc0Je1HYGO6FE1O1qvFnOFoIJie1nHhRErnB9-a3uCOojzyUHmI6QBz_jNyK2HeTmIe8etCzOdFMFSXbWQrzqkWCAyc7pqohQIONsUavuDAqxo5Hw5-ySEbWpCrOiZTSnCd5iuzO0DapUSH91ybhfjWg6lOKy5nuyhrKyr77QD8iKNwOMn-acBgGjdI8FP3mZg8PD4LnnEA-CCNRQTZtDeSGUhwtaOTLK3RsayqjsWqIG9hDeocHY1y31f6hiqYRgHSyL2uS9hZOJlLPnpPUR_YGyzqRo8I7RW_dfnHsPa4yd3qx3zBxeY9S9h7stRfKS5hF0uAs3p2Oeh2TeGi1ys4Q3Dx6uEFO659xExnudBrTJqBkBxnm-0KZYWI_nDpuSsCETPVPA3TxxbJBdn5hqHjawhP_fdyBK3nvyrkLVljl7_k0_CQ6Mo8T8Y7PoEJaO79c3iS5akQhzrimx5Ao5bnUxQ_4i4y5AazvsKWZnrzFYzcjpDm4zK9xhHc1UjG_PS7D9bv6S9fgJgsfzUZWbecD0hKcPPbAI32iyHrfJISfWet3Fu&cid=CAASEuRoSbuWAMRYKB3oUVvgRxn5SQ&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 09:54:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B77C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bjaek5PV3x2Csrnk-dRBbj02jroLVFuUkjqddHKew7LMVIpH53XkYtz4DdXMupQC6pus-JiLoFDK_UfZODppgyia03QP0hB0tKWYFWV9Pyj7ee-w1mGNIN1XUvpBZvt828PcOac2BxUts8l44eal6Ekn5YHQ&cry=1&dbm_d=AKAmf-AvLwxw7pHj-EWKIRikRMZbqIYQZopsypFufQF2f4grqmKLO3QW4dM4sAmy-ReCGQLnSgbJbo2l9YbvaUJHw3vsMcucIbD0gvmx27cePA9nObTB5rGmCyxHw3D9X6Im869Uhvkrs9wX2gV-iZdV9ZEtVOn3PxW9vH887v0TZNfhX0JUxTFVhH-p3P2fCEk9CEBgpiDUrD4AIrzjy42V4E5yKvcIqZUxuVlfEBulKqNY0ais-xo-bWuQ9WQuLX_RW6oE39prD1pO8u1VagdhltBtnmu-iY7YMtkyn8I7nXmnSapxTMMz9pYd_xukcdBbzi9bqIslxjF4WkEiLFleZZO_3QbwigBzkK2qongR9YWchff5NBanvBKS3CGFnN8TXAxFvy1m9mcWFldv2AAjWO_0tO-lOpfTVl4auwOgcRwK-nfRGkWbC8BsqBpgS3701_GClR7Sgpw520Vfbf6S2QfhiApzdWbuLjAkHgscR7_VInSMwHaTxEPZWgeb6Bqj9I9Z4X1mx2nOtAvxXU7ymEqtYKntfu8dTMAufTv79kMR0mtN-Uhs2YLS9SfPpEPLRxYSS0qn7utLM9jm9s4nmfwu_jvGBS43kYhubgTeFJOpEzgGjMa1M-NJzTRfEG5oX5ogNVdsQwt08XiKhPBzOpFvJaPWSbFba_UKSqYUao0bCQmfQsCa-shRlvBPVeET2dY3f8jSlECj-Z4hYj6CDvsoaFtWpe5olfEJIYL2P93QDFYIOMtJWaLkhEsI6FAZsq6fvAgtwLgMnEQSyH5pVcb8B_bpQNv08FQobNDefA9QlEF9PRX_XhLF8aDWFvdyGvMtrhny0v8d526mYgo3LTBAOGSOOCsJCg5vkfARmWlEm09uV90p9mFmgwO5PC8UH8to-k340SYJae6SkpFnYehzPmIhGTmHYBAhbfuMceCXeyRNx9xDhWGlf1hU7G8T6Upm3EarWR7t-h4NNw5Epwy4qr2tP9MhkM63N8OQbzYrNFCvYDOkdJYXxO7NHDf9fdljYqWqToJ3eznj4iRnV0Dc2wmDaJw2KLpKoUvku25Ct2c0Wzol08_PNv7D7FT8yL_xsuHbdwMIk-6S-QIPYAHpTMlW_Ob9dpf6HrMB7WRxFLm4ySh8EbbTcqazKnylcIC0Z0c814ddLLlSOa8mSmrNYd046jf5BYNSSPQ1K5eiPZIRj584eubVnccc4SRAxyVNgH0Sk3Ojd2SlbXEU80W53iP94bi2UKNHqXcsFCuCwjH7kmDoduy4iUuMUabFy1sFB82AzDRwRhPKkgCs5Q0lC8InR-BTHtSBFIENp33LKUmnfmuXi6kszJUZMCk1BFvhwXVdEBntz3_8bpitp6miwGQ2XIv4ZYiHNr-Chdo1kAnMno8X910QHA271pdpFG2MsG2dqTaBDCxyBe6WMastQqaEBCJd4eXTczTzhhAkM93ZqpD-kYMK1buW8cc8Uxf7G4RJSDPldZt_25hYpwSoUr3LjTcxYVncMQnng1nE4A_b5scw600J6yjDKh5sfgHMEjQfFvf5u9zIlB2E8sPjAk-BFC6Ea1SkqAFFjJ8Ecb8c5x54W4hHfP_GyxBOgFTHn9lNvt9P_3M5JV1W9wbnA5kMfotftkZbNlKxMHsoj6jJMsTNLccDrvs0-8J9ITFfabaLbKbNcJc5TjDeAH7HXCSc17CI3m9OtLWsIwlwjprNbWDkBT3RfmjPHR-gblcH-_2mfIsVHPPLrjLDXjTaN2vcL4ezX-lT5VhqDI5rYIqmgKkDgpbR43RNswoJx6grFBGucl1cMfgZWtqBEQ9dxyzoRRASJfDMLeHCdiIZKNAGfHtn8Ewtd_MJtJZ6pij0P7PiCgBfh8d_K6tDu2rNP1NAKXkAhiuv709-TC8k2CCK1P3SD4YUM6iJGtMq3Bj_ilaMOC2Goo16BfthzyDCjCtgrUKpPzySRuyJAHdnhFoFYo7SvtGeUxzQicOd4hySJ-ez2F1pjBQy8IJaBA2D3Tk3R-HHPAfCfynhAgYzYmHVKJcV5iL5UnoWUlVsLWjcdALTjktVotJalNLWAWZRZSYlDNqg6mpRkJfaPN5aWAyyca2Tj2cZHjLI5SBfKlOSgEaXIB_xGyUCDyPSXA0_OIDffqMMoBnC5ZrMsXiP24g7ORS2oEQHkfNTHwvrOXspL9R5j3Imil5sgt2azTPfu7uvGPIO9XtT8vgAuhRCgjYCX_nDkrkNUu9fms4V3Zu0OViV9YnFGLedCDJkUp324taPl1PFvj38zAEdCMlGfKo3hesvbkdBbRfCXLHZsFjB8z_gSCo4BVERNZnd0GWC-o09pYxSCD0psYZEan_ruNdmwMg_VITYl3aYpHSmBD5Dxdjg2A7FmQzFElkTtm7iMxTGz0O7V8SLWB-zRDK3jUBWGC3o4anXRH5572JKghO_DKRGpDUQIUnnj402jcGiwKm6wc1ddtnVTZycrAAHxRKN5qodc07PLui6Bq048d01LFmAhKpQXtZjj9cq0FnKXqaLthOe_T-STgIp26UW8uzhtR8G7LzMcTAJmTFpMz8FRv5ZolOeszFIR2UX191f26J91uoKE8nyiGul-sGW2DaRjR7Cn21Orozsa58ZFLPROOYlO32gtYtNYix7ujtHp4_tAP-UZQwt4QoPUitwJuaTcKNPF4KB7bpQlZuz9SyaFvIkJCchHJxdr19_lHNstN1eH1b_98b-OuiuBlXve4oLfB33r9AI-SOV_AibFZn7zrgrc3zCKExGWSGXLr0IZG2NPsjSZSp5ri-fPsVy5ZnlG_hQpeHogA1xF6jirn5z_PQPdIeX11GwGunvLcmbksFiftvLSBA7klZ3mRnsagUQdivbojU3H1NJSwqHvfzlKU3SddIV3TM7rQwaA3I14Ypl_724ceECPk1HO_6H3hQN5aG1QpMWSm8jex_h9b6Ie6r-huX7zRrzS_bnWY2oNGJfctAi9dnKxDprOpgdr8vryI7qDIr2RMsa--mWitMlI1UzpT0sDibkNgbskkHc0Je1HYGO6FE1O1qvFnOFoIJie1nHhRErnB9-a3uCOojzyUHmI6QBz_jNyK2HeTmIe8etCzOdFMFSXbWQrzqkWCAyc7pqohQIONsUavuDAqxo5Hw5-ySEbWpCrOiZTSnCd5iuzO0DapUSH91ybhfjWg6lOKy5nuyhrKyr77QD8iKNwOMn-acBgGjdI8FP3mZg8PD4LnnEA-CCNRQTZtDeSGUhwtaOTLK3RsayqjsWqIG9hDeocHY1y31f6hiqYRgHSyL2uS9hZOJlLPnpPUR_YGyzqRo8I7RW_dfnHsPa4yd3qx3zBxeY9S9h7stRfKS5hF0uAs3p2Oeh2TeGi1ys4Q3Dx6uEFO659xExnudBrTJqBkBxnm-0KZYWI_nDpuSsCETPVPA3TxxbJBdn5hqHjawhP_fdyBK3nvyrkLVljl7_k0_CQ6Mo8T8Y7PoEJaO79c3iS5akQhzrimx5Ao5bnUxQ_4i4y5AazvsKWZnrzFYzcjpDm4zK9xhHc1UjG_PS7D9bv6S9fgJgsfzUZWbecD0hKcPPbAI32iyHrfJISfWet3Fu&cid=CAASEuRoSbuWAMRYKB3oUVvgRxn5SQ&rfl=1%2Chttps%253A%252F%252Fwww.farfeshplus.online%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Jan 2023 14:31:38 GMT
multitracking
hb.aplhb.adipolo.com/adunit/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/456249/wrapper_hb_323303_12961.es6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.farfeshplus.online
Date
Tue, 18 Jan 2022 09:57:21 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B8FD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 14:31:40 GMT
expires
Tue, 17 Jan 2023 14:31:40 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
69941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame B77C 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=43265175;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Cq5-GAY_mYdYo2IDv9Q-xnKFApfPwt2fdr_L0iA23wLSykiUQASCosoV8YP2CkYToEaABmdvh4ALIAQmpAmWHOrSMHrM-qAMBqgSbAk_Q2H4CFSny47EsDMDCGNOPHM0OBq7GMZhy4kUsle0tzdzz6GVBGrgrPTpdecR6f4e8ukVDO_q-soHvkU0VE8e59FIJtCCIhL_yKvtRumxolfded1gzJD4F0dsWZZZe1hjujnSflpSs6g6HwaavLhZNzfxN2XWOz0uMLjm84hO3CSEmh3DNn3qebaOVHTsrL68M5dAzkmgKIjSefKxrbYZnaDBwDC3PKIvNtsxKPYX4RGJqlwLmsoDM0sBa0sR0ICGxD1RpqeF6OphP-AHDd9SIo-qfSDYyIgNHitYeaD_L_KZn-MyiuqjYcomt0L78Le-eVB7bvXS46U4umdmlMcvJ6-5lj9TqbxBbhYpMAciQD028bDKe5FuG-UvABMfTjpatA-AEA5AGAaAGTYAHz6SenwGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTUxNDY5OTkzNTIzNzk0NjeACgOYCwHICwGADAGwE-rI9g3QEwDYEwPYFAHQFQGAFwE&ae=1&num=1&cid=CAASEuRoSbuWAMRYKB3oUVvgRxn5SQ&sig=AOD64_1ZYPAUaZhPCRHiweR1SanLpPEj1w&client=ca-pub-2930805104418204&dbm_c=AKAmf-CTKWGd17uXItK0C-hvhiVOwUUT6SnyBP9P1wMf6FUQKYtfzuHDDaukIWuvZYzVWrBwQXq3dxaNCdQqxpuIZrOp8G1VJnnHZKLYSdvGObwI5ZD69qUyjLWdxpl99lZxk9Lf99Q9SqBoQjxiktAsNq1FrJVifQ&cry=1&dbm_d=AKAmf-Ah-csJZLXPNXx5ZayZTCwR0Rndyb0NVXTeGd-mNKs2xf6CWKLUPWj-BiPbfmr3tROEzTzYXe3hu3_aurFllA3K25qsFIlsrDhMlPJ2ku790FD3AtMoAll6pU9rJACoomVJAXWoZMTp3d-SfvG8z9KNie2K0rGa25p4voxOcvtQ5MBx8QVRtJUPfaHIJ5IgXpxSO6ffcW8ma6kaVkUf3eY8YdrZbaokpvLQAQdixoWQzdOyhebo1xLCJLgUv-DM1w9DOL0dXeY4UgSBS26QRNNHH1hZmF0WGADexmczQl8WdNJDcxor8Gs9FwnxK1JGSaX8PezEkIcZZt8FUexP1OWGzhICCSwyDjhSHzRfnmB1JwReW8yg6XTeeE6Z6-OxWQaO7BkM6wbCUM6z4DFt0ocIdxxPVYDP28JisXqUzsBki7cLzxtVEC1y0DQEl-rBIuGkVvy2CRgk3cPDsDzZrUu1gSA5rA&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
18191afabdd55f31f8da7876213eb471318fcbff80cd186aba13bbe8d7461585

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:21 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 15:01:11 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 19 Jan 2022 13:27:01 GMT
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame B8FD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 00:52:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
32719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13653
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 00:52:02 GMT
/
track.adform.net/adfserve/ Frame B77C 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=43265175;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Cq5-GAY_mYdYo2IDv9Q-xnKFApfPwt2fdr_L0iA23wLSykiUQASCosoV8YP2CkYToEaABmdvh4ALIAQmpAmWHOrSMHrM-qAMBqgSbAk_Q2H4CFSny47EsDMDCGNOPHM0OBq7GMZhy4kUsle0tzdzz6GVBGrgrPTpdecR6f4e8ukVDO_q-soHvkU0VE8e59FIJtCCIhL_yKvtRumxolfded1gzJD4F0dsWZZZe1hjujnSflpSs6g6HwaavLhZNzfxN2XWOz0uMLjm84hO3CSEmh3DNn3qebaOVHTsrL68M5dAzkmgKIjSefKxrbYZnaDBwDC3PKIvNtsxKPYX4RGJqlwLmsoDM0sBa0sR0ICGxD1RpqeF6OphP-AHDd9SIo-qfSDYyIgNHitYeaD_L_KZn-MyiuqjYcomt0L78Le-eVB7bvXS46U4umdmlMcvJ6-5lj9TqbxBbhYpMAciQD028bDKe5FuG-UvABMfTjpatA-AEA5AGAaAGTYAHz6SenwGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTUxNDY5OTkzNTIzNzk0NjeACgOYCwHICwGADAGwE-rI9g3QEwDYEwPYFAHQFQGAFwE&ae=1&num=1&cid=CAASEuRoSbuWAMRYKB3oUVvgRxn5SQ&sig=AOD64_1ZYPAUaZhPCRHiweR1SanLpPEj1w&client=ca-pub-2930805104418204&dbm_c=AKAmf-CTKWGd17uXItK0C-hvhiVOwUUT6SnyBP9P1wMf6FUQKYtfzuHDDaukIWuvZYzVWrBwQXq3dxaNCdQqxpuIZrOp8G1VJnnHZKLYSdvGObwI5ZD69qUyjLWdxpl99lZxk9Lf99Q9SqBoQjxiktAsNq1FrJVifQ&cry=1&dbm_d=AKAmf-Ah-csJZLXPNXx5ZayZTCwR0Rndyb0NVXTeGd-mNKs2xf6CWKLUPWj-BiPbfmr3tROEzTzYXe3hu3_aurFllA3K25qsFIlsrDhMlPJ2ku790FD3AtMoAll6pU9rJACoomVJAXWoZMTp3d-SfvG8z9KNie2K0rGa25p4voxOcvtQ5MBx8QVRtJUPfaHIJ5IgXpxSO6ffcW8ma6kaVkUf3eY8YdrZbaokpvLQAQdixoWQzdOyhebo1xLCJLgUv-DM1w9DOL0dXeY4UgSBS26QRNNHH1hZmF0WGADexmczQl8WdNJDcxor8Gs9FwnxK1JGSaX8PezEkIcZZt8FUexP1OWGzhICCSwyDjhSHzRfnmB1JwReW8yg6XTeeE6Z6-OxWQaO7BkM6wbCUM6z4DFt0ocIdxxPVYDP28JisXqUzsBki7cLzxtVEC1y0DQEl-rBIuGkVvy2CRgk3cPDsDzZrUu1gSA5rA&adurl=;js=1;adfxid=2x;6111;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.farfeshplus.online
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
d4942ed496b0ea1a2526c0c58fc1d04003bea0e8737328d08afa1f3ae1fd6dab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:21 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3591
expires
-1
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 44D8 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 17 Jan 2022 13:26:12 GMT
expires
Tue, 18 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
73869
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B77C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2367116676eb13be00f1c2e1d346fe159764ce9f7330f9fdcd439e2308dfce4c

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.215/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame B77C 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.215/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:21 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 15:01:11 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 19 Jan 2022 13:21:50 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 44D8 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEB_B1l5fjqeRliErGwbTbMg&google_cver=1&google_push=AYg5qPIUY-iva-BTi_egHJ3kMms7SX7gaOgOjAxuJWdP_jqZ1p8NuNrXT0FJlPdaahhizYlhdXMZ5Kqan7fH4c-oF1DSwj_eZ0E
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:21 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 44D8
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJdbv-3tVAPXzjw7ASyadrc&google_cver=1&google_push=AYg5qPLYhfkPyvncV9yKf5oyrzxDDrYBW3vpQCDhGS1DCJPiyIVpe0m4KFSaEBoTosHWQHrPhDNvLKM-0YDDFw...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPLYhfkPyvncV9yKf5oyrzxDDrYBW3vpQCDhGS1DCJPiyIVpe0m4KFSaEBoTosHWQHrPhDNvLKM-0YDDFwKmonz1Cxgt74U&google_hm=hmHmjv_KZ9QonQa0xQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPLYhfkPyvncV9yKf5oyrzxDDrYBW3vpQCDhGS1DCJPiyIVpe0m4KFSaEBoTosHWQHrPhDNvLKM-0YDDFwKmonz1Cxgt74U&google_hm=hmHmjv_KZ9QonQa0xQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61E68EFFCA67D4289D06B4C5BLIS
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPLYhfkPyvncV9yKf5oyrzxDDrYBW3vpQCDhGS1DCJPiyIVpe0m4KFSaEBoTosHWQHrPhDNvLKM-0YDDFwKmonz1Cxgt74U&google_hm=hmHmjv_KZ9QonQa0xQ&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D61E68EFFCA67D4289D06B4C5BLIS
date
Tue, 18 Jan 2022 09:57:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 44D8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZUPGZgJ7AiHvMmZQAnSbUjb2blZG4teBrizU
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
track.adform.net/csimpr/ Frame B77C 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=43265175&csi=22w76kiuOyGbnKEhvb5lwWwXW2y5wSYYeo6_77kDymgJDwKV3Zer3HeVl6hLcT5V-jYbdsad1Mx_EMdsLJT63N6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:21 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
50769037.gif
s1.adform.net/Banners/50769037/ Frame B77C 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/50769037/50769037.gif?bv=2
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
36c9d925cab0545d48271ed477b0a9f34b0de6f375762d9e64f8885fcc03fe74
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:21 GMT
last-modified
Fri, 07 Jan 2022 09:21:41 GMT
server
nginx
etag
"61d80625-8542"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
34114
gen_204
pagead2.googlesyndication.com/pagead/ Frame B8FD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUK3wAY_mYdXbG6Xa7_UP68uKkA8AAAAAOAHgBAI&bg=!ODulO3_NAAaocxMpqHM7ACkAdvg8Wj3czIGgE4NOGqBXk2CGM6LMtgbg4tXz0LMzyfUIXoN1FOgvawIAAACJUgAAAAVoAQcKAHAJLBJn6elcu-T6b19jdpEY6MAjCY6fPFncyTL8dFvv3DdXl6QJph_YlJulvxUHpPdYdhzIGdn2PlMT4a7ZD2glqWE95pIFyT6NEwhk2YeC-VKQ4SMlLIEqYMP1vE_SWNgtF6SZxxkFBQvhQkYdRS86mQMjx_qwyS6VRJnQwo-1Z9mENoYDcr8RC210LTqLC3Citg5L7_I_6ZheotLSH3qJQf_LhMnv9_1XEShe6CiIRYaC5CyJRTSY42nbh9rf9O5sj7KkuTTtZ6WLdmwvy1MfY-rx77x403L2T8i9GgSCHDlyFHX35aB2iPgK1fcKBvNFOGMR2N0ocLdDwZYWQ2G5crqEd2-ppZeedZ7QtEtE4J8FIkTjdt7UG8szaC3aeSYWaPYkGSYdcrUb1TzvNAgYHufoqlw7eurO4wmRG2VEtYNyAOh8nUxKkx6JTy233AKYiyWi8MAPjPZkswJbXaVeAsFsh9na2SvhxiTJhKY8aSAGQ0Mx7SXj5wSx5RdCXqjKewA1cv3GK1m7pmWnYYOLI1gFI5ORlQ1DffVzmSM_5zYy_0KouN1Kjl13X4shzlb5UngZ9q8eM1yQ5qIZZuNP_1dDa4sdTq6oi6LcfwYEE4RKOKBkWq1HMLNeeasPv9UjCoB9obscrRntLm9FSft9vg9dGCx7vDfPgOqTe0orU-fsl-WnaMTmCeLqiWED4XEKO8fvzBKFzOknqMuN6mOD7Tz5XniuZjpbjtyDK-trlr-cX8e5W9zEcD6W5_O0jq02sd7DeNAAN0FMa--j1a0Ovcf1HQHfTvY39_P0-R6OyennIyiKkVXO0Omi_C95pz3lh88zehogitSAxEXQPLnm4_ZI1EOVerMDCKPzL136BuyGgydK7LUFUDDqXHo2p2hpIhBJiCmZqpDIP-new2XqHkiYOh5xbGoPKwG2zuupV09gTAyitzuekWyCIGP45MyqITtgZVscxOzm211wRr4hQSijytX3mwlGfrCH7YLNKbyGMuALYmpsYkPg9zT1dI6DHmjxQyn3nXr_BOGVbuE519z58QVq9fTPRNwjWvWyF-3YqHVHbrJ_K0lx0WQtzzvzlAX5xUncjciOJVGw8lJynU5eDKh8dyFVhuiNhsuBtkUXi7KWZQ1xVvKO_B5JSBqgOgBw7TnG5tmtWH8puKaRUHxDdZSrMIgjA4ud9PcdKAJ87iPNAfLBASETey6ViFPjbEzZ9XQ
Requested by
Host: 58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
URL: https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:22 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 19 Jan 2022 09:57:22 GMT
syncframe
gum.criteo.com/ Frame D7DB 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.farfeshplus.online
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
133be2ab152b1c9f408e9a597430361539cf3b8255a0a92f8a8a8a885e079702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2249
date
Tue, 18 Jan 2022 09:57:22 GMT
content-length
4161
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:57:22 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:43 GMT
server
nginx
etag
W/"61cc54f3-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 19 Jan 2022 09:57:22 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B77C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviSrXOajQfGsUZJ7h4_KfpNzGaijWaxkmdJ-QfRL-dTndlxRZ9QBHBRh9UHR10FaQVFpeLAunIdHWPnuNmoj-Yw65OA0NdVjrXyCyxgR-Y5wjx1vM6vw&sai=AMfl-YSGme0og5EDsuOLxx8hJuLXTul-7lR8EmDw6buZjTdKH8yVPDblD_33DU7SMZ5HprwR4Bad_HbJYOmLcFQr_PfdbF_hIdAYgcwL4yUgN3Bl75_F2FM7CHIA7UD0&sig=Cg0ArKJSzIzpkhJ0DdV5EAE&cid=CAASEuRoSbuWAMRYKB3oUVvgRxn5SQ&id=lidar2&mcvt=1002&p=1116,0,1370,300&mtos=0,915,1002,1035,1035&tos=0,915,87,33,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&app=0&itpl=20&adk=270484219&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642499842540&rpt=287&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame D7DB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=farfeshplus.online&sn=ChromeSyncframe&so=0&topUrl=www.farfeshplus.online&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=4iiK0HxhVkdBelV5N2hJWWt1eDN4M1lVbFdBNWxuc2tsVG5tK0drMFVMVUJSTHU4K1lFcytmRzgzY05vOWdQZTFiNmMzVWRBcG53WTZEcVg1L0RXSll6M0NCTm9XdE81T2FZSC8rN1Y2dHJNNTAxRXZ4YUFrNUNjeHZjSE...
471 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=4iiK0HxhVkdBelV5N2hJWWt1eDN4M1lVbFdBNWxuc2tsVG5tK0drMFVMVUJSTHU4K1lFcytmRzgzY05vOWdQZTFiNmMzVWRBcG53WTZEcVg1L0RXSll6M0NCTm9XdE81T2FZSC8rN1Y2dHJNNTAxRXZ4YUFrNUNjeHZjSEgwYjNubml4ZXBWNUpOaHFiQ0t4ZDNXd0lmZ2xEc2FJVHR1K0lwOHoranhKSlJxYjVyMTQ5Lytta1J1K3FEby9LUmgxdVo2bDc5MWtualdyaVpnSDhoVjRhVjAvR2V6Q095YzVXVXJKV0xZRjZVdXZ4eVpkSWFEeTBqZmtja2FsT3VZd0N4eEVsTVZUZTlTNmw4N2FrYmNDQ2M3SnBPZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e8e2782a312ca1e0a5e176ebbb8b5a0ff586dc11504ceffc1f2f63b0aba22057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:22 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3740
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:22 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=4iiK0HxhVkdBelV5N2hJWWt1eDN4M1lVbFdBNWxuc2tsVG5tK0drMFVMVUJSTHU4K1lFcytmRzgzY05vOWdQZTFiNmMzVWRBcG53WTZEcVg1L0RXSll6M0NCTm9XdE81T2FZSC8rN1Y2dHJNNTAxRXZ4YUFrNUNjeHZjSEgwYjNubml4ZXBWNUpOaHFiQ0t4ZDNXd0lmZ2xEc2FJVHR1K0lwOHoranhKSlJxYjVyMTQ5Lytta1J1K3FEby9LUmgxdVo2bDc5MWtualdyaVpnSDhoVjRhVjAvR2V6Q095YzVXVXJKV0xZRjZVdXZ4eVpkSWFEeTBqZmtja2FsT3VZd0N4eEVsTVZUZTlTNmw4N2FrYmNDQ2M3SnBPZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1897
content-length
541
expires
0
/
track.adform.net/serving/unload/ Frame B77C 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8202257781967814228@@43265175,5042962535972020586,99|1086|0|0|0|0|0|0|0||42|1|||||1|0|0|vSMzDHxn3y3xBx_RTJEBJ6b4sRV7ZGZ-6BETNTzl2bKsaUurso0_RIm3nyX34Xgm0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:22 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.farfeshplus.online%2F&domain=www.farfeshplus.online&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.farfeshplus.online
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://www.farfeshplus.online
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1699
date
Tue, 18 Jan 2022 09:57:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.farfeshplus.online%2F&domain=www.farfeshplus.online&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=mPBuVXxDZ1IzbWpDR09jRG5KZ1VxdDExdnJ4VFRXbTVLMXhMTXVjcVh2QmpkUk1JcEtJVGZTVjVtRVBFRHNUREp2WE5sTWZjQjhNVjVjMXk0N1N2RWtJc2hPcXZQdlRDT0N0SG9pWmRMeGJKMmMvZSs2OEpxS2pJdWR0NW...
456 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mPBuVXxDZ1IzbWpDR09jRG5KZ1VxdDExdnJ4VFRXbTVLMXhMTXVjcVh2QmpkUk1JcEtJVGZTVjVtRVBFRHNUREp2WE5sTWZjQjhNVjVjMXk0N1N2RWtJc2hPcXZQdlRDT0N0SG9pWmRMeGJKMmMvZSs2OEpxS2pJdWR0NW1LQlFWQVZIRkdIQ3Q4OVFtcCttWXlhQUJjS1VsRVdyOTg1VXI4c1NjY3JRRDZQc2RnZzZ6N1grNVZiRk96TXlnZ3VnbzBqRHB5SHVLY2I5ZWt2bVV3RzNWV0lSMFRWbXpVUy8yM0pOUFhnaWk5KzVudEpTN0svcWF2TlRTRWZRTnBWbDNrc0h4LzZ0VkdkeG9CZDFkbmZzMmxFZjl4eWlRZGFRUDMzMnBWZFlwVmxjNXppQT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f7796bbccd30db62cc74ad65dfa1491d6ca8829b92efea5bb4998f13a7661887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.farfeshplus.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:23 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3015
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:23 GMT
location
https://mug.criteo.com/sid?cpp=mPBuVXxDZ1IzbWpDR09jRG5KZ1VxdDExdnJ4VFRXbTVLMXhMTXVjcVh2QmpkUk1JcEtJVGZTVjVtRVBFRHNUREp2WE5sTWZjQjhNVjVjMXk0N1N2RWtJc2hPcXZQdlRDT0N0SG9pWmRMeGJKMmMvZSs2OEpxS2pJdWR0NW1LQlFWQVZIRkdIQ3Q4OVFtcCttWXlhQUJjS1VsRVdyOTg1VXI4c1NjY3JRRDZQc2RnZzZ6N1grNVZiRk96TXlnZ3VnbzBqRHB5SHVLY2I5ZWt2bVV3RzNWV0lSMFRWbXpVUy8yM0pOUFhnaWk5KzVudEpTN0svcWF2TlRTRWZRTnBWbDNrc0h4LzZ0VkdkeG9CZDFkbmZzMmxFZjl4eWlRZGFRUDMzMnBWZFlwVmxjNXppQT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.farfeshplus.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1877
content-length
567
expires
0
692.json
id5-sync.com/g/v2/ 		213 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19010/hb_323303_12961.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p17.id5-sync.com
Software
/
Resource Hash
d87570ecd6d1b6d03285eb7d1c2d1835ac3bcb163c621c9bbd2bbb40663ce63a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.farfeshplus.online/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.farfeshplus.online
Date
Tue, 18 Jan 2022 09:57:23 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
dt
dt.adsafeprotected.com/ Frame 4E33 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=913323&asId=ed04b975-1387-be09-c711-eea4dfa77ae9&tv=%7Bc:1DPkWp,time:5721,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:5721,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.41.40,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5713~0%5D,as:%5B5713~41.40%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:137,fm:sURrW8d+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1b.919015-59742583%7C1b1%7C1b2%7C1b3%7C1c.925113%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1f1%7C1g1%7C1h11%7C1i11%7C1j1%7C1k*.913323-59535428%7C1k1%7C1l%7C1m,idMap:1k*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:24 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mPBuVXxDZ1IzbWpDR09jRG5KZ1VxdDExdnJ4VFRXbTVLMXhMTXVjcVh2QmpkUk1JcEtJVGZTVjVtRVBFRHNUREp2WE5sTWZjQjhNVjVjMXk0N1N2RWtJc2hPcXZQdlRDT0N0SG9pWmRMeGJKMmMvZSs2OEpxS2pJdWR0NW1LQlFWQVZIRkdIQ3Q4OVFtcCttWXlhQUJjS1VsRVdyOTg1VXI4c1NjY3JRRDZQc2RnZzZ6N1grNVZiRk96TXlnZ3VnbzBqRHB5SHVLY2I5ZWt2bVV3RzNWV0lSMFRWbXpVUy8yM0pOUFhnaWk5KzVudEpTN0svcWF2TlRTRWZRTnBWbDNrc0h4LzZ0VkdkeG9CZDFkbmZzMmxFZjl4eWlRZGFRUDMzMnBWZFlwVmxjNXppQT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1046
date
Tue, 18 Jan 2022 09:57:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
/
track.adform.net/serving/unload/ Frame 5F35 		35 B
493 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8202257781967814228@@44454688,6157690812065322531,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|toEvUd1fhuNcPlakbYq96ab4sRV7ZGZ-yVInGkpym26teZhWrGLop4m3nyX34Xgm0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:24 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
dt
dt.adsafeprotected.com/ Frame 0C38 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=919015&asId=eaba1760-563e-c9d1-4df5-9123dc4ce96a&tv=%7Bc:1DPlbS,pingTime:5,time:7055,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:674%7D,%7Bpiv:100,vs:i,r:,t:2054%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:2054,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:674,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1405~0,0~100%5D,as:%5B1405~728.90%5D%7D%7D,%7Bsl:i,t:2054,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:125,fm:sURrW8d+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b*.919015-59742583%7C1b1%7C1b2%7C1b3%7C1b4%7C1c.925113%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1e12%7C1f11%7C1g1%7C1h11%7C1i11%7C1i12%7C1j1%7C1j2%7C1k.913323-59535428%7C1k1%7C1k2%7C1k3%7C1l%7C1m,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:25 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 0C38 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=919015&asId=eaba1760-563e-c9d1-4df5-9123dc4ce96a&tv=%7Bc:1DPlbS,pingTime:5,time:7055,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:674%7D,%7Bpiv:100,vs:i,r:,t:2054%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:2054,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:674,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1405~0,0~100%5D,as:%5B1405~728.90%5D%7D%7D,%7Bsl:i,t:2054,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:125,fm:sURrW8d+11%7C12%7C131%7C132%7C14%7C151%7C16%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1a3%7C1b*.919015-59742583%7C1b1%7C1b2%7C1b3%7C1b4%7C1c.925113%7C1c1%7C1c2%7C1c3%7C1d1%7C1e11%7C1e12%7C1f11%7C1g1%7C1h11%7C1i11%7C1i12%7C1j1%7C1j2%7C1k.913323-59535428%7C1k1%7C1k2%7C1k3%7C1l%7C1m,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.27.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-27-110.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:25 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
track.adform.net/serving/unload/ Frame B77C 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8202257781967814228@@43265175,5042962535972020586,99|4896|0|0|0|0|0|0|0||189|1|||||1|0|0|vSMzDHxn3y3xBx_RTJEBJ6b4sRV7ZGZ-6BETNTzl2bKsaUurso0_RIm3nyX34Xgm0|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 18 Jan 2022 09:57:26 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| googletag function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async string| google_user_agent_client_hint function| autoScroller function| ExpandCard function| ChgImg function| CgMainBG function| ChgImgBG function| ChgImgBGSrc function| chg_location function| OpenWindow function| ChgBgColor function| OpenLink function| PrintDocument function| SendDocument function| SendSong function| ChkFields function| MusicPlayer function| MainMusicPlayer function| MainMusicPlayer_tst function| ChkFields2 function| PostComment function| PostWish function| ShowWish number| CommentCounter function| ExpandComment function| PostEvent function| PostQuestion function| resizes function| AdhaCards function| FitrCards function| ChristmasCards function| GreetingCards function| getScrollingPosition function| HideFooter function| resize_box string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi number| demandSupplyAp object| demandSupplyTc object| demandSupply object| dspbjs object| _app object| jQuery111308303479429323475 function| gtag object| dataLayer object| _atrk_opts function| sticky_relocate number| dir number| MIN_TOP number| MAX_TOP function| autoscroll object| gptAdSlots string| url function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc function| openCity function| mouseOver function| mouseOut number| tot_GradCounter number| grad_current_counter object| OutsidePics object| subject object| sID object| category object| html_links function| grad_func function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| interstitialSlot undefined| staticSlot object| adipolo object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| FB function| atrk boolean| _atrk_fired object| jQuery111106496978277373509 function| onYouTubeIframeAPIReady object| google_llp object| vpb object| gaplugins object| gaData function| vmpbjsChunk object| vmpbjs object| _pbjsGlobals string| nobidVersion object| nobid object| GoogleGcLKhOms object| Criteo object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

81 Cookies

Domain/Path Name / Value
live.demand.supply/ Name: demandSupplyTi
Value: a7e4857e-529a-44b4-a670-64e0af725a26
.farfeshplus.online/ Name: _ga_DNX5KLEBSB
Value: GS1.1.1642499837.1.0.1642499837.0
.farfeshplus.online/ Name: __asc
Value: cffe014117e6c9e8e1777eec7cf
.farfeshplus.online/ Name: __auc
Value: cffe014117e6c9e8e1777eec7cf
.farfeshplus.online/ Name: _ga
Value: GA1.2.321309147.1642499837
.farfeshplus.online/ Name: _gid
Value: GA1.2.1584411792.1642499838
.farfeshplus.online/ Name: _gat_gtag_UA_192956646_1
Value: 1
.adtelligent.com/ Name: vmuid
Value: d13c6ca0430f3af5
.doubleclick.net/ Name: IDE
Value: AHWqTUkTwQiiJiLePHTUnfw4j2ysIUg4x_BPhGg-tADo8gY3oNYmXrUgIzfLGWofmzY
.casalemedia.com/ Name: CMID
Value: YeaO-dp9OUtgjeqPLoebGgAA
.casalemedia.com/ Name: CMPS
Value: 239
.adnxs.com/ Name: uuid2
Value: 5419818236787933706
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMPRO
Value: 687
.casalemedia.com/ Name: CMRUM3
Value: 2d61e68efe2760CAESEAxIdgXNDGi4hBZXgYlVjZI
.krxd.net/ Name: _kuid_
Value: Om9ddk56
.myvisualiq.net/ Name: tuuid
Value: 464e82a6-46d1-4911-9215-b9ec84ca5123
.myvisualiq.net/ Name: c
Value: 1642499838
.myvisualiq.net/ Name: tuuid_lu
Value: 1642499838
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlhuUl*j!]tbp8i_iqf!oN/@E'zz<*Z0Q*W?HyTgdoAw2?:tpN9K[/%4/3<q*#kJ*g3T<QG=%9sk@3@'s>T<H.gY
.spotxchange.com/ Name: audience
Value: 05a564b5-7845-11ec-8529-1a3233820306
.advertising.com/ Name: APID
Value: UP05ab1ff6-7845-11ec-9b4c-0648c8367d06
.yahoo.com/ Name: A3
Value: d=AQABBP6O5mECEKeSqN_oesp2skvWcMSso6QFEgEBAQHg52HwYQAAAAAA_eMAAA&S=AQAAAgEXUEkl7WwYk6uTbqiJ75o
.adform.net/ Name: uid
Value: 8202257781967814228
.adform.net/ Name: TPC
Value: 1642499838660
.yahoo.com/ Name: APID
Value: UP05ab1ff6-7845-11ec-9b4c-0648c8367d06
.yahoo.com/ Name: APIDTS
Value: 1642499838
.quantserve.com/ Name: d
Value: ECABCQGdJYEA
.quantserve.com/ Name: mc
Value: 61e68eff-02490-15779-7e9c5
.casalemedia.com/ Name: CMST
Value: YeaO-WHmjv8A
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.agkn.com/ Name: ab
Value: 0001%3AAgE%2FkTOa94LpSVYMs6s6GsFApoWXMjZM
.agkn.com/ Name: u
Value: C|0CEApeUt_KXlLfwAAAAABAQ13AQEAAQpAAAAAAA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4CA43A41-B719-457A-B755-1D478800F20C
.rlcdn.com/ Name: rlas3
Value: rkhiWyyGfWsrbcaPKdxNAxvAIpSPKBQB2qK6UW6s/ls=
.rlcdn.com/ Name: pxrc
Value: CP+dmo8GEgUI6AcQABIGCOndKhAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "1762~22q9:18yl~22q9:18yx~22q9"
.ctnsnet.com/ Name: cid_177cfcf1ac8344ee8234fded54ca2cf6
Value: 1
.3lift.com/ Name: tluid
Value: 13788568483307127060
.blismedia.com/ Name: b
Value: 61E68EFFCA67D4289D06B4C5BLIS
.sharethrough.com/ Name: stx_user_id
Value: abef7a6d-f129-422f-9968-b6263d5bb5e8
.innovid.com/ Name: uuid
Value: c82de801-1a43-47c7-99f8-11529b8e1275-20220118 04:57:19
.simpli.fi/ Name: suid
Value: FD9A76CC83284410BC4C128ABD676C35
.mathtag.com/ Name: uuid
Value: 997f61e6-8eff-4600-b734-a9568004f6e9
.mathtag.com/ Name: mt_mop
Value: 4:1642499839
.bidswitch.net/ Name: tuuid
Value: dbae90e2-ccb0-41ac-971d-b2f5e780a7d3
.bidswitch.net/ Name: c
Value: 1642499839
.bidswitch.net/ Name: tuuid_lu
Value: 1642499839
.media.net/ Name: visitor-id
Value: 2855014396092153000V10
.media.net/ Name: data-g
Value: CAESEGkTsNV0JDC1-KpBjpFwzac~~3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f3ff4f30-b29a-42b2-b2eb-415d4d5ec4c7-003%22%7D
.turn.com/ Name: uid
Value: 2665859478165917406
.360yield.com/ Name: tuuid
Value: 378d6d49-ab4c-4ad6-a6e1-2056c0e3302b
.360yield.com/ Name: tuuid_lu
Value: 1642499839
.bidswitch.net/ Name: google_push
Value: AYg5qPK3wowc710JFd6UxaBcjnDCW_9-VPP9-csZeknDKWA1AGjgLqzJsoENOmfmkyFo5ZF0hALp9nHmlthDHs0wd0IejSzBeBN8
.adhigh.net/ Name: gi_u
Value: u5pisehvU5UN.AikABlF-bJ6XiA
fksnk.com/ Name: AWSALBCORS
Value: SCvm1KMDx2UBEfnDNzsmbgSo24jVew1GHZyPQBpb+1zYsL+HPddfdip9WWmZlPH7MX5Q8HSmbYlZPcaCxDzFKVS9EOH11xbtT0k1AYUiSHWH9sECW255toavV7U3
.fksnk.com/ Name: f_001
Value: 980DEF75CFC97E33
.fksnk.com/ Name: g_001
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f3ff4f30-b29a-42b2-b2eb-415d4d5ec4c7-003%22%7D
.youtube.com/ Name: YSC
Value: GrQ7KiSIifk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: fc0LeWfXI1M
www.farfeshplus.online/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.farfeshplus.online/ Name: _pubcid
Value: 21af23e7-1873-4ee7-99d9-83f365bb03dd
pbjs.e-planning.net/ Name: CT
Value: 1
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.e-planning.net/ Name: E
Value: AKUuILOp4sIngMp4
.rubiconproject.com/ Name: khaos
Value: KYJXZW73-1B-M8GD
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUO++vuGxiryvY1JiLvvLISe5vA13I9S/rzOw93ruqYUnHgQcTybLrliOGkHlnC2jLGXSf3RhKbDHmrK16v7gZTuQpFpUgVPvHWUU1KogWo
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpb2Le8YisRwVqbBgMWySGKaxJuuRhJfvdq+ZEyHU2KgsDMe9zR7+e/69bxGb5XRspt7XBm5zACih/nUO/sd+/wMfhabQi3+krmSq0Z8vA2Pw==
prebid.a-mo.net/ Name: __amc
Value: 1_1642499840_1642499840
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 3541c132-6bc3-5312-ada2-d505cc445a05
.betweendigital.com/ Name: ut
Value: YeaPAAANB_Dd604lJLYmYmMzVG94oaYEBaeFWg==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.farfeshplus.online/ Name: __gads
Value: ID=87207523970a3bf9:T=1642499836:S=ALNI_MYndACsExMYIR_r6LnMLikryImvWQ
.criteo.com/ Name: uid
Value: 6cc54ac4-4e2b-4448-bead-a823e0ea0e3a
.farfeshplus.online/ Name: cto_bundle
Value: AQY2lV9DMFdYa0RQWnVBV2EycVV1ZnlIaTVLbld1Rjh6SXZJN2ZjdEJaQVJEbnV4ejRITENVVjY1RDhvQTl4dVZDRG1YY25MJTJGb25NVEFYJTJCRnp2OE8xeDRlTUlETU1JVE5vYlUxS0JQMDlXSHloblJobzYlMkYlMkZ0a3lCQmxXaWVac0xrb3o4englMkJxbllDOU5LWE5CU0NnejA0cTNuNklpanJZMVZvV3BDbjYwbXVFbGRjJTNE
.farfeshplus.online/ Name: cto_bidid
Value: mvY2C18wJTJGSmZMSU81VGVkUmpZUzZmOEd4VjhnaVFSekc3V1NwbllrUUM3TW1tRGJLYm9FNFFpelZ4TEN3VkFXVUM3ZlZtMGFFV1RiY3l0REthalh6QUxJTzBleHd0T3NmUjlWSVVtZFV1VWFweUdFVjZQMFc3VUNjWUh2VzMzYUpoTTI0

11 Console Messages

Source Level URL
Text
network error URL: https://www.farfeshplus.online/fontsNew/thesansarabic-plain-webfont.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://www.farfeshplus.online/fontsNew/thesansarabic-plain-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367749956917006&output=html&h=280&slotname=5661428205&adk=1067503192&adf=1738279810&pi=t.ma~as.5661428205&w=760&fwrn=4&fwrnh=100&lmt=1642499837&rafmt=1&psa=0&format=760x280&url=https%3A%2F%2Fwww.farfeshplus.online%2FFP45.asp&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642499837136&bpp=5&bdt=596&idt=476&shv=r20220112&mjsv=m202201100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C120x600%2C300x250%2C120x600%2C160x600%2C300x600&nras=1&correlator=3444761792216&frm=20&pv=1&ga_vid=321309147.1642499837&ga_sid=1642499837&ga_hid=2103662247&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=420&ady=121&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740%2C31064017%2C31064124&oid=2&pvsid=1708355280932279&pem=806&tmod=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=utUxa3igyK&p=https%3A//www.farfeshplus.online&dtd=480
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html".
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271802&client=ca-pub-1231661633440980&fa=2&ifi=47&uci=a!1b&btvi=6&xpc=YXtFIlUI89&p=https%3A//www.farfeshplus.online
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPKvWvh1dvledUNP-478tr24spAPFnuZdNXrkZZGrjomCt5jvoo0wAih9_PYeGXHtl-cKb-jftmsbtgehyORn4j9tgFAyXt9&google_gid=CAESEMb4L-SDRg6RMhw1cyFIVVU&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_cver=1&google_gid=CAESEA_b7D5mtwA0k6vzJslJ-fo&google_push=AYg5qPKoytHlZ-HiFv8CStXwQe8EZyVHU2M2XNHwXtzuP2-t_eIo5PuokixDQSIHNQnRPaLRy0kLvnNDuQBO-vUtibgh4iyX6w
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_push=AYg5qPLxDZxF2RnSiZrpvEXBXmQIj_foxtNZvRpELF0JWc4UmSqLa2SwDvtvl5BuDBbH3COHfI912_Wy9zByFkmzJ26z8yU1Rf4&google_gid=CAESEDKDrsbuClS9rb1mUetD314&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YeaO_dp9OUtgjeqPLoebGgAAAq8AAAAB&google_gid=CAESEIaYUNi9I9ttgg6frOd-ccQ&google_cver=1&google_push=AYg5qPKtUGolrTsbEVw9HB1RnjP8wRC5_gXCq8OiIUzIYKw7NQZY7v0k9vPrkb_XsWMisUTNxBkhs4UEFcoELNH2t1DZwjzW_-i5
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=N41tSatMStam4SBWwOMwKw&google_push=AYg5qPIvwQIPcUGWeKBXPAJcrG4mOze6PQm6YPGvJDHBtWG7TBf0g-M5_HCh1EiSm32b4yYs1WcAAcw9D9SANd0X0sI9GVSnsvxv
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript warning URL: https://www.farfeshplus.online/FP45.asp
Message:
The resource https://live.demand.supply/p4/v14-0-0/d3d3LmZhcmZlc2hwbHVzLm9ubGluZS8= was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

58ceb005c2dd6acfe0acdc05b74e4b23.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
adipolo.com
ads.betweendigital.com
ads.yahoo.com
adservice.google.com
adservice.google.it
adtelligent-d.openx.net
ag.innovid.com
ajax.googleapis.com
ap.lijit.com
beacon.krxd.net
bidder.criteo.com
cc.adingo.jp
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
cs.media.net
d.agkn.com
dm.hybrid.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
hb.aplhb.adipolo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
images.farfeshplus.online
jscdn.greeter.me
live.demand.supply
m.exactag.com
match.sharethrough.com
mug.criteo.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
px.adhigh.net
r.turn.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb-csync.smartadserver.com
rtb.openx.net
s0.2mdn.net
s1.adform.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc.33across.com
ssp.adriver.ru
static.adsafeprotected.com
static.criteo.net
static.doubleclick.net
static.xx.fbcdn.net
sync.1rx.io
sync.adtelligent.com
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.myvisualiq.net
t.trafmag.com
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.farfeshplus.com
www.farfeshplus.online
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
cm.g.doubleclick.net
104.90.104.248
104.90.192.189
104.92.100.195
13.248.245.213
142.250.184.194
142.250.185.166
142.250.185.226
142.250.186.162
143.204.98.17
147.75.38.124
159.122.14.34
178.162.133.149
178.250.0.157
178.250.2.131
18.156.0.31
18.185.129.183
18.198.95.145
18.207.27.110
185.18.205.174
185.18.205.182
185.184.8.65
185.29.132.241
185.33.221.13
185.64.189.112
185.86.137.122
185.86.138.143
185.94.180.125
193.200.65.5
193.232.148.142
198.47.127.19
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::11
205.185.216.10
213.19.147.45
213.202.235.8
217.182.200.29
2600:1f16:bc:1200:78ca:598c:4091:a825
2600:9000:224a:200:8:48e:53c0:93a1
2602:803:c003:200::31
2606:4700:3037::ac43:81bf
2606:4700::6810:8616
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1288:80:800::7001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2006
2a00:1450:4001:803::2002
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::2006
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2001
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3602:5ce0:1e2e:863d:4da1
2a05:d01c:1d8:8102:6f46:d53f:d0c7:668b
2a06:8640:454::2
2a0c:5c81:5142::2
3.122.111.84
3.122.144.9
34.149.20.76
34.96.105.8
34.98.67.61
35.157.102.105
35.186.193.173
35.227.252.103
35.244.159.8
35.244.174.68
35.73.165.177
37.157.6.234
37.157.6.252
37.18.16.21
44.194.225.67
45.133.44.4
46.249.52.248
51.195.5.40
51.38.120.206
52.210.94.59
52.51.91.250
54.76.87.218
62.149.0.72
66.155.71.149
69.173.144.139
72.251.249.13
81.222.128.213
96.46.183.20
99.86.3.67
021b10ec12fc199e0936ee3b640688b7cf444f343a3e33cfd1094934fbd02042
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
0691a3d6a406d8f14c14387b0fd5bf921163a3dbeae61e7e83ad62248aa46371
077a211d557875f05e0feee60851c43982d77859e8fb536744544f21c39a8b3f
0875985f354cf3729f6fbbc5c3d16b5066655d5b96677c065232c05517b14293
0a39b3b2a8430a65a37ce70a72039526532d0f1afd977d0b65daa4607ccd0680
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be9bbf0ac87ba87d67fed318b09ec4408501d7690ae34ec1256f738625025ab
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c8c4b0d3bb87e9f0294631b6c6ebbadf553717441ea9483d51df7d93029be32
0caeb305f0c5065571d643ac4b6982d1d9f09c00f45b9e333270a73ca63c6d9d
0df7b613c8bcdccbedf96d807423147482aefb96123d33b143d94612e409c5f4
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12afc405919393c03a74d8df97652f158b92bad448cb9717b6c308342c2e2505
133be2ab152b1c9f408e9a597430361539cf3b8255a0a92f8a8a8a885e079702
13b3d907e5f12196acef4a97be670c4c1f23b8167d03e85d25a8493f0311ee5b
13eb588eaec75b2f262d8a9a759fdc3eecc6278aa22da71e9261475eba8e20a5
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14f4c963a73cf7a10e5fe33f0caa692070cebfe5ea58ea8e1448b2b6913b3cef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18191afabdd55f31f8da7876213eb471318fcbff80cd186aba13bbe8d7461585
18a8f89bf953e9404baabdd6c9e5c8e0bb356f99d4c7e7259bf5c55affbef4cc
19ff70e284646d02fc1e21d6fc9f1bb2586cf2153807480af67b46b389c76ed6
1c0342e7c965d0c5d6c86ac23f9b181c35e40b78503459e55748d41d17a3e81c
1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2367116676eb13be00f1c2e1d346fe159764ce9f7330f9fdcd439e2308dfce4c
2477982826e457fcb72cc64fe53fa2eb9f014278af1493bf0f5aea3b62a37cdc
252436489d0d36c8f27388f7d3fd82be85f644a93f32c5eaa04fa372a09252bb
2604c7d05696a4cd255d4826f1cc4bc582679189352836001c9cd041457029d2
2608fa4b646b29b649bc0672de6f53580f22b8b52daadbd5a4a5bc1f5d0a3d18
26f517dbd0424d16a86e7a9aa94611d5d95c9f036a0db15df89218a16e41208f
27925065d33095653c2bc9040eb529f106f0eb6236263a15915ee3c75c33fb11
28302dc4a1d47dd0441896a2deb5d9061dcaf52f1d776179ecf494d6635e3816
28548f5be0493acd11bb3e08ad171effd70e8cbd4a5584c72302b40f11bb22ac
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29284b45a7fc45684d9643d2da72c9010f383f7cb63a82c783913719b266e0d2
2961d6e64a2259862bbde21c985b1e6878e2b3788388aaa52c31ab2e2a84aa1e
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2afe976ced6a000e8cd514366f3bafa2cf06f39e3015fc4917e113b248e60571
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2c4f0bcb699b110d5cb89f843d624dda1bc7a5af9e41d26d1b67259f152f7a17
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0443a7e7ea5ebd4d76f314449485fa0514629fe7f82af6978178ded9946fdc
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
316c626585650b118dc2ca02a311b72962a5d160f89a3b686a942548cea022d2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
342cc4e23d1403b6e3ab5bcadaca7d87380633edee71f9d90f7ecc453e091c58
36c9d925cab0545d48271ed477b0a9f34b0de6f375762d9e64f8885fcc03fe74
36d5b8b4e2559cb87d5df3c451a4e4d29e4591e4f5af48ffc49e12934a6f1ffc
385bf183c49c72e59b6b62de581a6584fe814abf7f5daf63576e25bd55fb6c09
39ed0d80ffd0bfcf9190be3f48b59dfbf4b21d25bbabc1fbe721d74043f38083
3a2d9cbe8b064e127245b7b16fa32baf1b1512aa3a3c8bdb3e499a4af1eea2f4
3a4fc14180ae118f278fef24fed0c73cb65bb14049d68f0f43b7041090965aa8
3af52eb9f2f15dab677b998d3330f6748bf8ffa76fba5cd85e43934a353d5f04
414065eb8bccfeced9386a863dba180b1ab3153b18395b3bd4e855e0ee860f4e
416cb38e2040045349ac29b4bc162a17a28fa89ec4bc0f8ab59d2ef3ff29c580
4215971a33e7d7983cc8897a90a8cfa353fd54b9b71232957224ac1ae3253e4f
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
438daab5377de93d93617bb1149793ab1b804b7871b32e9b36e89b2baa43bcbe
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457258926822413faa01d180f312a139fbfad483bac7091d633a6357c5a60c41
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
46449fb91b592a9cda8ec7896ed14031883d0f40a6cfa413684ae28304a9053b
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d
47daa94889ea5783bc3af536a7caf0b98bd9321c26bd0b21cde2ea1cef1846be
47f49c78eb66400d67991eae5c4487d4e65779cf9ccd04c0d12776773ca33f06
4816475814c327a6834f5100a712a2d605233c202443850a1387270c8dd9df43
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48aeb882805125c1e0ba6175b3406d70e4eee52f19a9b0f87235a621bd998fc8
4aee86878e086a5b8dccb4244af0536f33042fb6548718b82495645a6ac73185
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4deb70016de6e591c7f8c17402ab50c1cb8ee5b3f2e02da1bb0fd90ba3189494
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e73b9f587cd1bf6fbe917157bdce177fb178ceaba7231ed433394a8e2bffbf
5132d372cb173a8a03581054f07b694cf11fbdce25ca75e0b9676abeecd101f0
540241053a5a54a861f421856a3f8ff0ba02f62caf95b8d2863b98ba1fccbf5c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565222ab9fc79b51b743f6ca00c2aeb34816cf9d61795797baf40297a060f269
56b85b53790f989fcc3f306d74f634fcde57471c61af5c61e451deffe8df554e
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
58de3f552e2f8fc2ebb95bab95acf0e5c01752069b82bb3e0d5117f8ea426061
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
5b5c74784e6184c900073e30be3e3b9bf7181be1b584e6940c4a02cff3fc356e
5c0454751b67d2cb1181486a5987ba0d3aecda39cca53bf51d23705fdb20c6bb
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d5c22d6cca0019a77dd48a97d30eed602726fdeaa50402286eb918133da5269
5d7412b3654cfb35cac728b96d2c5fe92c7b01368023b75958ba5562f3ec7d33
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5ee5b9c1a8c9ac9363f1471448a43ace67091f63d91d7c3e2cb0a0706bbb7062
5efb10b5be7a1a6dc3aed09b2816f3f3435dcda3b7d2d7a02f300c8a22b82a7f
618ebcd125b549da2e07106c29e898b42017bff3c9664e7169647ad950e14b34
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
62f2796e6b6d08fe158da147e14d704783027bafe912d9d30dd28b3480380a9b
63b3f5793de3e4f3d18a91472d737e2f1344c9e34a33972fd65ab77d1d06e9b9
63f765390b644643c89da0c07b382b3a0897ff2a33dcae4da86bff0bf9cfbd81
6445368957b4fd4503fa1b75e85ab626dc589032d5456139c98fcf19913d6197
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
665a3b745b738f0485d71bbda25733c5f762d1405acb1851b3f7ea65e4689a8b
66bdbc6f334ad5094c875459d3a9b88c52f2f065759d45f0d5c8d0262d327ddf
66e297666478a42641876d8bb516ab60b321373124fc1c0439222da446b245e7
66efedac4b5a4bbb9912fe11037164b0f975f444263aab6f7e6fe89ca75819e6
684a1b03dd8acea7f3800bf1238d5e0183c8060a60c4db2bb086317bf935e7df
68515faff3ba3010c5e3f5e384fbcfddbdea453f9702afd289ee2d700a42599a
699ed434469e8797c3723af206749f89a7f46e714fdde74efd329b7d27f7f969
69b0026d350ed5375d10fd19eba6b6a9953bde0b3c0ca2895dbef43c3047ae40
6a5154bc76054450e38b7c60d0137cb161b53b726bb696b0fbd356a63b26db8b
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4a0e0f904f05949387a622da12999ca9451e4fe248bc3cc33d611466f94981
6cb13cab2b0f024fef0f4604fc58761383645dce17a443b16a37b151f8eb9b95
6d860e4284f8f00d3566fbc2a83a2071fd144196c8f72583389e662c101e450f
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
6f98af97ab538ebaab17fccbde794232b5042e8573004280172759c00ad17a8e
70e62c171d4a01b1c49ebdd59fc85b5700e2c2fe37b6ec27c67affb6a2eb2277
71d1e8fb8ca448a380401b306f451d64efd8d4318d0204ffc5ca6db3c22fa611
7273a28495a4bc6feaba27e5a03b6e5489a72620b3180a764fd3d3f6a9dc6781
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
7a9bd5e35a62f5749877795ff4430de2f4543e3a9bf60fc4368b1e34569226e4
7b770f7ca4e0add0192ef0e6b3af06258a99453263ec73bb08d8f57bdcd2a138
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
7cfab19e4ab0accce469e72412d8c36114eaedb97831e8067869bf4bf2720fb8
809555be35c4964c0f7cd249d9d7cd6d435cba5a3a96f38efb73582f9fa25a3c
813e08a0b6c28a3370c1b31ff8ca993a9655288f107b63425a898fe59fe4b806
8154f84a10e1a5f21583b78b262763c36ed1f1ab1041461fc25f74d8fe6c99f1
815ed75b1fd07d77dbbf39f705b0a8660e67aea1948118aec056a974230e869b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
8514676e0ebf7301f842b4c5b74e88f266ae1926b9acca83b188e9720253fefd
855ec27b2d920d20d9f118c67e5c71600cf3e3417a6095dda4df7be33648c4cb
871afd8d5c5f4581c90eb7ef7eb79ff7b6210cd3a78996782be0e589da682ec0
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
881318b50b31857584f265f26b56b224e9113357d438ef7ad68e62ec1d39374f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4ff76232f9c5b9a8829282a44f96a88ad7c45f64ac597228805b1e8e6074ef
8d96e62d2100dbc3307dfc120ccae358500c4f2075315684fd703e35838e24d9
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5
8f53d966fde824d81737373d60fd0edc349ac72f6b26fe8c5874a8e0aaeb3aeb
8faaa0bd8a359200fb81f78b1e56852ddb70f27640479206a95dbee00d1c4cc8
90acdec7799a0f5d492c728dace212a1a401dbcc19aa8ac89fb9af5e3fdb094c
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
93b59e3083f08014a87cc98506a35aaa18ea78568dd127294c3c25ab4a971aaf
9557f56f3619f28850559dec8f9a05189b3d6f00f209f45be3de4d5f77dfeddc
96bdef9ebb22ad09a36b0ac5ac22188269495e5178f76ab7d8ec1cc0fe5d9181
984bf139d47c34ecb84a5ab9e3c9dacca8e4aa0217a73a2a5e4dece072eeebf8
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9961ff8ce61a82e625d8237184b98fed1f2717647e567fab38ea32a49cf42f6e
99c026411e53cdfc3db357c45c4fec902c3c03d4af9feb36965090b42d3cc403
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9afc605ef0248073b332a3583d096ca17866d9dff1eaef4b532c49062f905926
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9bc336c091f378cd8d5a2433af885015c5f03b8283b2314ba6703de713bcd91a
9cfc03182741e04ceb03550259f7a8fe11705b541be29f199523b64b886a49fa
9d6feebd450355c99036bde7f128dbe3b49a5381e1530be357a585106a83e372
9e4f18dd88edfd7bc0c5f57778cffec1c70edf8c67976cb9ad0c0f66119d87cb
9edd827965a6e1332c3aac5d7d0cc16269f4536a33817f25cb92703f5953c836
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0bec107dc5e1169feb956927f5aa851ce5aa0231f38c0c99ac23cfe7c37a770
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2c094dd25178dde30b030e1f7a97ea5fc23bbdcdacd2dca77b40118e2ca068c
a2eb35d97f748830a2e6bc35a93799148e6162958a2c5c62671b8e3b2fba6b9a
a34e85e5de50f707ed9b55b8c7752fa7e964b3e169dca41b90bc2075ff7d0555
a4362e8863812121758b54f3759e338a0bde5ff8a6ce818a267101d9c43c5ed9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c90f78086301527a04b5596ea3c56b816d1173b97d3f646510df3d2bf9846e
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77f5e8ead93d41e798ecc9111aad04e015b784a8cb7844284ab6e70d9ca67cd
a87a1c72b2e889b01c62c7093236a5996d011ffef5a5db018a7e4ee78f04cf9f
a8b1c8f5f8eeb524adc3fe80ae5e0a87169907a2940cfcad7febd891faec673d
a9efb9e3326654fe345c3bd11401a314ee5c9882d83ab0af9389a8e5323a2e67
aac9552f07e57bcbfa55fd1ecf3a698bfaf85fcba44fd1abeaf75e2ec9bc0caf
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac7b85c89057a31981b2af0d754be1b67ab4af30d0d0b99e3088ea38562e2f38
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ade31d429c070a04f15347f118e3cd02cc3d21c909d05a5d3271052a6680edb3
ae306870188973eeb4b9ecaef7e901a5f49c6aa35e4ff2aa3c7a42187633b313
ae5096784eed9338131cbece007f7d2b03efbd2eb411e59eaf783b2a28a0b2f8
ae81bba4a601383cc83ebb5b97fd3a5aa2e6916f2470cd106d46e51edf6376a3
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afcefd979b86557dad008a31968440b63811f0a984e174fac363075e753e9735
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b036201259949ca453154b8aef567ba49b5a61f6585af607cc1322b4f35baeb6
b0eeb29a3c4344f0230f42cb86d58715f59f3ed6d9c93290ab567889a75e8188
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24f23895469c10cb956b5b39e91a00ced96cf644b2071c8e075f1f3982edadf
b2aacc8fcb4e2a4803c92e5697bff78f91193ff22c2072850b5ffc786cc4b6fa
b481f4a23d62b818cf3746a4d93cbe88bcea3cbf4cba34fc284a23b657c3e0ae
b52e43c691df209e7f701f4ea6437b2c373a6467726efed99791eb4ef5187af7
b5e241c05ef97504f1e6d36729038b053b55e3ff79306ad72d9e65cfa9e25082
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b6b3afd4f4b9c35753012b5563ef16922a6ae7d25590cc164d3519ee4bb54bd5
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
b9297514caaa39a77283db64c751a9c85268fc06e51a082c10058f9b0cf3d2ac
ba1b0d40f6d45aafed9707d8dbc41c7b13307fbc7675cfeabcf03d3b61f1bf17
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
bb820666b483dac59f85def4ea49edac67954b4359b1183a5e6bd6ee031fa048
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bdfa8fc670ea901a70e89fefe2353a557a8c0e75c281a347558015526e5563e0
beac31356467096ae60ed5f7ef8233c223dd5d3ae34291e873f9ee16c6b476ed
c292d53af686283619f5e0a2397f38b21bc9991460bf0ef77dbed460fed14b70
c2944a9cc87b80c4ad8aaaa657319cdbc404bc52a99ed8b96bab556bbb6cadd5
c360230e514279bc6deabf591a7ad22707d3821ca9a813f45731c2954c0f64da
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c4270b933a1c32d89e9b162b6d2127564fa98ab9d46bdcd67c0c7424d7f46a34
c48c9da6c3f37d6bca75a6538a6a0f9552983f2d7a8ae7926d558f73fbd75d49
c4eb35e3dedcefb00cdeec4d928382ec2c202a86da1f3274e2bec7073f4de919
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c58d6b461529fe14761217179c05d3ac5d287c0aa59560c4e618bbba33e97864
c6bd8267aa81f385d77710551f3cee1dc443d4123353c01e978788711221bddc
c6e35365aaada99d091e66776c0273918b9aaa44ec7a0204de1ea0ab64034c0b
c6e96965ed77b26547d2629ba2fee0898d31b4f2dac33ea90004f37f32ac1c25
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
c97af9cb064cb57627d2a2ca3ca22d933f29e9fd7e0a28837c196d2fafd26615
cb1ce97f608c307c9abf3fc4c75247e36b5edd34f7434ee0dad04d62285a47ac
cb90ab4573159ed4cc7aa7264546a68f93a2b9e2809b2090f38a8e84b13996a9
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc821cb54ae0f13f9a67b5775abe0c0dbdc56acad4cdc0b4d9c91d45c7cbb7e1
ccbf3d6c0e7f14cb9db065aa01fa77191af473859bc389040fe3d9321342c726
cce45bed757c6288dd85428e91a2bb91927ce0f1a6cec010ac9f5db184670a7e
ce969297349c7fcfcaf16fb5e8596ce2043baa3ff29d72067b1e2ab41eaffe53
ceb701e729008b5a1681b8ec7fea428995f9899582071c22fec2557d35814896
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1ef159a3c7919706a816c72674ad02c22a367af94e73901eb6f591bc8cfd2ae
d2296921744bce34e43e8755508824d0aa2a3962b560df75d92368181707300d
d4942ed496b0ea1a2526c0c58fc1d04003bea0e8737328d08afa1f3ae1fd6dab
d49e447ea7189c83a39404fab2b4c9323ecf38b36c0b78996376f2c5d9125b0c
d56e4a7af37794743c0341c8a0f7d7562ffafe9ca89b4189cc25228b75e5dc9a
d6407d8034c3640f0287e815a40ff888cf9f8018650b48685db12f7c18221579
d74bee7fd7f696f1d12267064500896b813520e0eba8b058c9895e9f13d12130
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d87570ecd6d1b6d03285eb7d1c2d1835ac3bcb163c621c9bbd2bbb40663ce63a
d8ab03093bda2ecb8dab8d03a8f1709d03f8a658f45f76071c3356b551df6aa3
d93f4f764048996df486e96b2c68f15f4f3b1c110eaff398b681c15b43aa9772
d9f5159bdce22970954434465e61b0bbcaaef31dd427d8d6baf1233b5575b5ee
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dc9403a1bb6d0f6543447bd56c6ac2bab81b6207d2c460f7727cf42c697da790
dc9b9b710d984c7d3a1e6dfa70e03d31ce299040beb02b0ad6608d2eac9eda01
df1cc3f2c21e29e1bc1a8ecd02688dd597adc32d696ddc92804447527ae71922
dfaf3a28db4a56b9cdb47dd0207869e71f5f16ef55f6bf7c4b950bd964efe1ad
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e14487be0d0baa80ccbf25b0bf11eefba6b6f7bb9e66198e144f9f70e6ad65e4
e1d78f1041f477db1e9bbaca5838b5fc44189f5bbd1b4ffd94a941a28a1cbad6
e1ef7800360b198e12835c27f1b5c5f7c331f6110c9488266b9d3a138943f37b
e2234da9376314bd908edebca14c05c0487e2db54235abdaacc5b7f9515a7162
e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2f43f6b7ddbd421caa2f283b114e810e158b5ed13d7fd35884b299303f3b464
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e385929e2dacf4f185f2a6d6655c51aab46d7762b9919743fdb0c59460982b2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d63915de619799c1e90327bc337166fa793b0b81edd8643b5c9dd48e6522b9
e4082bc229f7bb07422c69a1e02214aa740fcf467378f2a4215d1ebf476e779e
e4e51ad380478c9873d5ea61348986d0874c2cbe4406fd46b43b0f107f5150b9
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e686e88e93d4e7e87d3dc4536f4f63174391a0afd095abacb2859cc59b54637d
e76eb54933180fb19b04705667782dd16c475c3f6a992dbaf9cfa3136ff0915d
e8255667795edb2bb27ff597ffec1ef9ff8dee1b2a27a5d4f616d2d5c9d6a8f4
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e8e2782a312ca1e0a5e176ebbb8b5a0ff586dc11504ceffc1f2f63b0aba22057
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
eb38fd5cfed2db747df531bac74ce8df6180c8bb165b4eda87c493d81983d3ba
ed86f30660934bec16c81c41e25474ec7ddbb6a2255b27cb121c2b87370b8a5a
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
eda74f2a09e6a4c00d46c091ccf74ffcb7edea989be21f1216602941bceccfb4
edd8c18fdeda20fa4a770ace77af7d67b08ca26ca1788558f30d3afc9a80ff5b
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eee8c321f319b7b32e9fd853304905527c5edff02acd1528a4d7b5e9aa2c304d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef845b10315a6f2250ef0056cd0bea9b4f044673b6807456731ae25ae84cea4d
effad215e1d5940720e49f2653f1e7201330f9877b65293ae14fee6a90efe91b
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f21e2eda0b3bd79ca2a89a0c5e7ff2332e1eeb73f11f5ae4381660e1f6e40ccb
f21f8f605aaa3aed08a3e4123e1056db63b4a41f4f98adc6a2f253d81c71e11c
f33e058bad7eec4711a93716614b88bd8126b8316320108966e1561d1a1ad941
f44fc673df1581cce8e297b59ef738336d5abc66c0f9c269db42da0cb69afc65
f48e4f636180b9124424ff286073e8508e11594ff65141aa3e454e457052e436
f5b92ca86bc0cbf1aed51d9dc96f80eaa2eccfec08083c8f316ae643f0c13a95
f6a1cf3b26935400970c16bb9eb2cc746c3cc73a702e53e4f1632e5508d5de53
f712c1e362606bf8f7528095249363adb2cdb156b6fd3dbee7814909f3d27774
f7363c13fce13f695220dd53da24faa5091ed845e683bffe775d4acc639d6df9
f7796bbccd30db62cc74ad65dfa1491d6ca8829b92efea5bb4998f13a7661887
f83b839f6524bc7127a8cb06221e035e6c068a3e5dc53c76b19becab24f37232
f9676c052d48afbfc8e6e7e8c5031392a8e8a403e84e3574d8bdfab5b699ebb8
fa40f4a8ee08b163e5c78cd66b81799e23cb9a95ee661c1218a11fc6f3d02431
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fd65d0f03c5b9464fbed4c23d6e90c442fae0114276ad4b2e858eb97dc800868
fe1f4cbef8809eee7f73028e9a4fadbad6099740842dee943c2fae27eee09852